Vulnerability Details : CVE-2000-1137
GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack.
Exploit prediction scoring system (EPSS) score for CVE-2000-1137
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2000-1137
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
Vendor statements for CVE-2000-1137
-
Red Hat 2007-03-14Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.
-
http://www.redhat.com/support/errata/RHSA-2000-123.html
Patch;Vendor Advisory
-
http://www.debian.org/security/2000/20001129
-
http://www.linux-mandrake.com/en/security/MDKSA-2000-076.php3
-
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000359
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/5723
- cpe:2.3:a:gnu:ed:2.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:ed:2.16tr:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:ed:2.18:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:ed:2.18.0:*:*:*:*:*:*:*