CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-5357
https://notcve.org/view.php?id=CVE-2017-5357
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. regex.c en GNU ed en versiones anteriores a 1.14.1 permite a atacantes provocar una denegación de servicio (caída) a través de un comando mal formado, que desencadena una liberación no válida. • http://www.openwall.com/lists/oss-security/2017/01/12/5 http://www.openwall.com/lists/oss-security/2017/01/12/6 http://www.openwall.com/lists/oss-security/2017/01/12/7 http://www.openwall.com/lists/oss-security/2017/01/13/3 http://www.securityfocus.com/bid/95422 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZVH54XNZ77ICNBJTPI2DLJYQTA3SYSFC https://lists.gnu.org/archive/html/bug-ed/2017-01/msg00000.html • CWE-416: Use After Free •
CVSS: 9.3EPSS: 0%CPEs: 8EXPL: 0CVE-2008-3916 – ed: Heap-based buffer overflow (arb. code execution)
https://notcve.org/view.php?id=CVE-2008-3916
Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege boundaries when ed is invoked as a third-party component. Vulnerabilidad de desbordamiento de búfer basado en montículo en la Función strip_escapes en signal.c en GNU ed 1.0, permite a atacantes asistidos por el usuario o dependientes de contexto, ejecutar código de su elección a través de un nombre de archivo largo. NOTA: puesto que ed no se ejecuta con privilegios especiales, esta cuestión solo afecta a los privilegios de la aplicación ed cuando se encuentra añadido en una aplicación de terceros. • http://lists.gnu.org/archive/html/bug-ed/2008-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html http://secunia.com/advisories/32349 http://secunia.com/advisories/32460 http://secunia.com/advisories/33005 http://secunia.com/advisories/38794 http://secunia.com/advisories/43068 http://security.gentoo.org/glsa/glsa-200809-15.xml http://support.avaya.com/elmodocs2/security/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2006-6939
https://notcve.org/view.php?id=CVE-2006-6939
GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. GNU ed anterior a 0.3 permite a usuarios locales sobrescribir archivos de su elección mediante un ataque de enlace simbólico en ficheros temporales, posiblemente en la función open_sbuf. • http://fedoranews.org/cms/node/2449 http://fedoranews.org/cms/node/2450 http://freshmeat.net/projects/ed/?branch_id=17855&release_id=240890 http://secunia.com/advisories/23832 http://secunia.com/advisories/23848 http://secunia.com/advisories/23857 http://secunia.com/advisories/24054 http://www.mandriva.com/security/advisories?name=MDKSA-2007:023 http://www.securityfocus.com/bid/22129 http://www.trustix.org/errata/2007/0005 http://www.vupen.com/english/advisories/2006 •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2000-1137
https://notcve.org/view.php?id=CVE-2000-1137
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359 http://www.debian.org/security/2000/20001129 http://www.linux-mandrake.com/en/security/MDKSA-2000-076.php3 http://www.osvdb.org/6491 http://www.redhat.com/support/errata/RHSA-2000-123.html https://exchange.xforce.ibmcloud.com/vulnerabilities/5723 •