CVE-2001-0289

Опубликовано: 03 мая 2001

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-02/0490.html
Patch
Vendor Advisory
http://www.debian.org/security/2001/dsa-041
Patch
Vendor Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-026.php3
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2001-024.html
http://archives.neohapsis.com/archives/bugtraq/2001-02/0490.html
Patch
Vendor Advisory
http://www.debian.org/security/2001/dsa-041
Patch
Vendor Advisory
http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-026.php3
Patch
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2001-024.html

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:joseph_allen:joe:2.8:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00246

Низкий

4.6 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2001-0289

redhat

больше 24 лет назад

GHSA-767p-jcph-vjj3

github

больше 3 лет назад