← CVECheck
HomeVulnerabilities

CVE-2002-2334 — LOW severity vulnerability (Joe text editor 2.8 through 2.9.7 does not remove the group)

Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users.

CVE IDCVE-2002-2334
SeverityLOW
CVSS score3.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:N
CWECWE-264
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionJoe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →