PT-1999-1778 · Joe'S Own Editor · Joe

Published

1999-07-14

Updated

2016-10-18

CVE-1999-1545

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Joe's Own Editor (joe) version 2.8

Description: The issue allows local users to read files that were being edited by other users, due to the world-readable permission set on the crash-save file, DEADJOE.

Recommendations: For version 2.8, consider changing the permissions of the DEADJOE file to prevent other users from reading it, or implement access controls to restrict access to the file.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1545

Affected Products

Joe

PT-1999-1778 · Joe'S Own Editor · Joe

CVE-1999-1545

Related Identifiers

Affected Products

References · 3