CVE Catalog

CVE-1999-1545

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.32%

24th percentile — higher than 24% of all known CVEs

Summary

Joe's Own Editor (joe) version 2.8 sets world-readable permissions on its crash-save file, DEADJOE, which could allow local users to read files being edited by other users.

Risk Assessment

The risk is that local users may gain access to private data of other users, violating information confidentiality.

Recommendation

It is recommended to change the permissions of the DEADJOE file to restrict access to the file owner only.

Original NVD description (English source)

Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS