Lucene search
HistoryMay 03, 2001 - 4:00 a.m.
CVE-2001-0289
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0
Percentile
0.4%
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory.
Affected configurations
Node
joseph_allenjoeMatch2.8
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joseph_allen | joe | 2.8 | cpe:2.3:a:joseph_allen:joe:2.8:*:*:*:*:*:*:* |
Related
openvas
openvas
Debian Security Advisory DSA 041-1 (joe)
2008-01-17 00:00:00
Debian Security Advisory DSA 041-1 (joe)
2008-01-17 00:00:00
cve
cve
CVE-2001-0289
2001-05-07 04:00:00
nessus
nessus
Mandrake Linux Security Advisory : joe (MDKSA-2001:026)
2012-09-06 00:00:00
Debian DSA-041-1 : joe - local exploit
2004-09-29 00:00:00
cvelist
cvelist
CVE-2001-0289
2001-05-07 04:00:00
exploitdb
exploitdb
Joe Text Editor 2.8 - '.joerc' Arbitrary Command Execution
2001-02-28 00:00:00
CVSS2
4.6
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0
Percentile
0.4%
Related for NVD:CVE-2001-0289