CVE-2001-0289

Name of the Vulnerable Software and Affected Versions Joe text editor version 2.8

Description The issue allows local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory. This occurs because Joe text editor searches the current working directory for the .joerc configuration file.

Recommendations For Joe text editor version 2.8, consider restricting access to the .joerc configuration file to prevent unauthorized modifications, and avoid executing joe from untrusted directories until a fix is available.