Vulnerabilities > GNU > ED
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-17 | CVE-2017-5357 | Use After Free vulnerability in multiple products regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free. | 7.5 |
2008-09-04 | CVE-2008-3916 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in GNU ED Heap-based buffer overflow in the strip_escapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. | 9.3 |
2007-01-17 | CVE-2006-6939 | Unspecified vulnerability in GNU ED 0.2 GNU ed before 0.3 allows local users to overwrite arbitrary files via a symlink attack on temporary files, possibly in the open_sbuf function. | 4.6 |
2001-01-09 | CVE-2000-1137 | Unspecified vulnerability in GNU ED GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | 4.6 |