Ed
by GNU
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5357 | Hig | 0.49 | 7.5 | 0.03 | Feb 17, 2017 | regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. | ||
| CVE-2008-3916 | 0.00 | — | 0.04 | Sep 4, 2008 | Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only… | |||
| CVE-2006-6939 | 0.00 | — | 0.00 | Jan 17, 2007 | GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | |||
| CVE-2000-1137 | 0.00 | — | 0.00 | Jan 9, 2001 | GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. |
- risk 0.49cvss 7.5epss 0.03
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
- CVE-2008-3916Sep 4, 2008risk 0.00cvss —epss 0.04
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only…
- CVE-2006-6939Jan 17, 2007risk 0.00cvss —epss 0.00
GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function.
- CVE-2000-1137Jan 9, 2001risk 0.00cvss —epss 0.00
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.