Solution
Please Install the Updated Packages.
Insight
ed is a line-oriented text editor, used to create, display, and modify text files (both interactively and via shell scripts).
A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor. (CVE-2008-3916)
Users of ed should upgrade to this updated package, which contains a backported patch to resolve this issue.
Affected
ed on CentOS 4
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-3916 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities