GNU ed File Processing 'strip_escapes()' Heap Overflow Vulnerability

GNU ed File Processing 'strip_escapes()' Heap Overflow Vulnerability

GNU ed is prone to a heap-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows attackers to execute arbitrary code with the privileges of a user running the application. Failed exploit attempts will result in a denial-of-service condition.

Versions prior to GNU ed 1.0 are vulnerable.