Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-3916 | 1 Gnu | 1 Ed | 2018-10-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. | |||||
| CVE-2000-1137 | 1 Gnu | 1 Ed | 2018-05-02 | 4.6 MEDIUM | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | |||||
| CVE-2006-6939 | 1 Gnu | 1 Ed | 2017-07-28 | 4.6 MEDIUM | N/A |
| GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | |||||
| CVE-2017-5357 | 2 Fedoraproject, Gnu | 2 Fedora, Ed | 2017-02-17 | 5.0 MEDIUM | 7.5 HIGH |
| regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. | |||||