|
GNU ed File Processing 'strip_escapes()' Heap Overflow Vulnerability
GNU ed is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input. Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts will result in a denial-of-service condition. Versions prior to GNU ed 1.0 are vulnerable. |
|
 Privacy Statement |
