NSFOCUS Security Advisory SA2003-03 – A local heap overflow was found in Sun Solaris’s CDE manager dtsession which allows local users to execute code as root by setting a long HOME environment variable. Solaris 2.6, 2.7, 2.8, and 2.9 is affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/30952/sa2003-03.txt
Source: https://packetstormsecurity.com/files/30952/sa2003-03.txt.html