Vulnerability: Local Users Can Overwrite Files in Joe Text Editor's DEADJOE Rescue Copy

Vulnerability: Local Users Can Overwrite Files in Joe Text Editor's DEADJOE Rescue Copy

CVE-2000-1178 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes.

Learn more about our User Device Pen Test.