CVE-2000-1137

8 documents7 sources
Severity
4.6MEDIUM
EPSS
0.1%
top 78.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU ED
Timeline
PublishedJan 9
Latest updateApr 30

Description

GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDgnu/ed4 versions+3

Patches

Patch: www.redhat.comPatch: www.redhat.com

🔴Vulnerability Details

2
GHSA
GHSA-qpw8-2v6f-pwj8: GNU ed before 02022-04-30
CVEList
CVE-2000-1137: GNU ed before 02001-01-22

💥Exploits & PoCs

1
Exploit-DB
Zone Labs ZoneAlarm 2.1 Personal Firewall - Port 672000-04-24

📋Vendor Advisories

2
Chrome
Stable Channel Update for Desktop: CVE-2022-11362022-03-29
Red Hat
security flaw2000-11-29

💬Community

2
Bugzilla
CVE-2000-1137 security flaw2018-08-16
Bugzilla
CVE-2000-1137 ed uses mktemp + fopen for scratch files2000-11-29
CVE-2000-1137 (MEDIUM CVSS 4.6) | GNU ed before 0.2-18.1 allows local | cvebase.io