Vulnerability Note VU#203203
Buffer-overflow vulnerability in Midnight Commander
The mcedit component of some versions of Midnight Commander contains a buffer-overflow vulnerability.
Midnight Commander is a file manager for open source operating systems, distributed under the GNU General Public License (GPL). In version 4.5.1 of Midnight Commander, the mcedit text editor component contains an unspecified buffer-overflow vulnerability that can be exploited to cause a segmentation fault.
The complete impact of this vulnerability is not yet known. Local attackers can cause a segmentation fault in mdedit. It may be possible to execute arbitrary code, though this has not been demonstrated or proven.
The CERT/CC is currently unaware of a practical solution to this problem.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Midnight Commander Developers||Unknown||-||29 Jan 2002|
CVSS Metrics (Learn More)
Thanks to Izik for reporting this vulnerability.
This document was written by Shawn Van Ittersum.
- CVE IDs: Unknown
- Date Public: 12 Nov 2001
- Date First Published: 06 Aug 2002
- Date Last Updated: 06 Feb 2004
- Severity Metric: 0.54
- Document Revision: 9
If you have feedback, comments, or additional information about this vulnerability, please send us email.