{"vuid":"VU#203203","idnumber":"203203","name":"Buffer-overflow vulnerability in Midnight Commander","keywords":["Midnight Commander","/usr/bin/mcedit","mcedit","buffer overflow"],"overview":"The mcedit component of some versions of Midnight Commander contains a buffer-overflow vulnerability.","clean_desc":"Midnight Commander is a file manager for open source operating systems, distributed under the GNU General Public License (GPL). In version 4.5.1 of Midnight Commander, the mcedit text editor component contains an unspecified buffer-overflow vulnerability that can be exploited to cause a segmentation fault.","impact":"The complete impact of this vulnerability is not yet known. Local attackers can cause a segmentation fault in mdedit. It may be possible to execute arbitrary code, though this has not been demonstrated or proven.","resolution":"The CERT/CC is currently unaware of a practical solution to this problem.","workarounds":"None.","sysaffected":"","thanks":"Thanks to Izik for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["h","t","t","p",":","/","/","w","w","w",".","i","b","i","b","l","i","o",".","o","r","g","/","m","c","/"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2001-11-12T17:51:46Z","publicdate":"2001-11-12T17:56:11Z","datefirstpublished":"2002-08-06T23:19:32Z","dateupdated":"2004-02-06T20:08:40Z","revision":9,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"3","cam_population":"10","cam_impact":"2","cam_easeofexploitation":"8","cam_attackeraccessrequired":"10","cam_scorecurrent":"0.54","cam_scorecurrentwidelyknown":"0.69","cam_scorecurrentwidelyknownexploited":"1.29","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.54,"vulnote":null}