VYPR
Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026

CVE-2002-2334

CVE-2002-2334

Description

Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users.

Affected products

9
  • Joseph Allen/Joe8 versions
    cpe:2.3:a:joseph_allen:joe:2.8:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:joseph_allen:joe:2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9.6:*:*:*:*:*:*:*
    • cpe:2.3:a:joseph_allen:joe:2.9.7:*:*:*:*:*:*:*
  • Range: 2.8 - 2.9.7

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.