Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ed
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 4 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-02-17 | CVE-2017-5357 | regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. | Fedora, Ed | 7.5 | ||
| 2008-09-04 | CVE-2008-3916 | Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. | Ed | N/A | ||
| 2007-01-16 | CVE-2006-6939 | GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | Ed | N/A | ||
| 2001-01-09 | CVE-2000-1137 | GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | Ed | N/A |