Vulnerabilites related to gnu - emacs
Vulnerability from fkie_nvd
Published
2000-04-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords."
}
],
"id": "CVE-2000-0271",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1125"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2001-08-07 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xemacs:xemacs:21.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "2AA513F9-7E08-4239-8707-42A0C2DB8F57",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file."
}
],
"id": "CVE-2001-1301",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 1.2,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-08-07T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html"
},
{
"source": "cve@mitre.org",
"url": "http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/11210.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/11210.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-12 19:20
Modified
2025-04-09 00:30
Severity ?
Summary
Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:xemacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9B14A7-78B9-4229-A165-32C1438EC9C8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code."
},
{
"lang": "es",
"value": "Emacs versi\u00f3n 21 y XEmacs cargan y ejecutan autom\u00e1ticamente archivos .flc (fast lock) que est\u00e1n asociados con otros archivos que son editados en Emacs, lo que permite a los atacantes asistidos por el usuario ejecutar c\u00f3digo arbitrario."
}
],
"id": "CVE-2008-2142",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2008-05-12T19:20:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30199"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30216"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30303"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30581"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30827"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34004"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200902-06.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://thread.gmane.org/gmane.emacs.devel/96903"
},
{
"source": "cve@mitre.org",
"url": "http://tracker.xemacs.org/XEmacs/its/issue378"
},
{
"source": "cve@mitre.org",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:153"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:154"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492657/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/29176"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020019"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1539/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1540/references"
},
{
"source": "cve@mitre.org",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=221197"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42362"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-2529"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30216"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30303"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200902-06.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://thread.gmane.org/gmane.emacs.devel/96903"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tracker.xemacs.org/XEmacs/its/issue378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492657/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29176"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020019"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1539/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1540/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=221197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-2529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-25 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| notmuchmail | notmuch | * | |
| notmuchmail | notmuch | 0.1 | |
| notmuchmail | notmuch | 0.1.1 | |
| notmuchmail | notmuch | 0.2 | |
| notmuchmail | notmuch | 0.3 | |
| notmuchmail | notmuch | 0.3.1 | |
| notmuchmail | notmuch | 0.4 | |
| notmuchmail | notmuch | 0.5 | |
| notmuchmail | notmuch | 0.6 | |
| notmuchmail | notmuch | 0.6 | |
| notmuchmail | notmuch | 0.6 | |
| notmuchmail | notmuch | 0.6.1 | |
| notmuchmail | notmuch | 0.7 | |
| notmuchmail | notmuch | 0.7 | |
| notmuchmail | notmuch | 0.8 | |
| notmuchmail | notmuch | 0.8 | |
| notmuchmail | notmuch | 0.8 | |
| notmuchmail | notmuch | 0.9 | |
| notmuchmail | notmuch | 0.9 | |
| notmuchmail | notmuch | 0.9 | |
| notmuchmail | notmuch | 0.10 | |
| notmuchmail | notmuch | 0.10 | |
| notmuchmail | notmuch | 0.10 | |
| notmuchmail | notmuch | 0.10.1 | |
| notmuchmail | notmuch | 0.10.2 | |
| notmuchmail | notmuch | 0.11 | |
| notmuchmail | notmuch | 0.11 | |
| notmuchmail | notmuch | 0.11 | |
| notmuchmail | notmuch | 0.11 | |
| notmuchmail | notmuch | 0.11 | |
| gnu | emacs | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB1500D-9150-4BBF-91BD-A68733C64C20",
"versionEndIncluding": "0.11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "14A0CF88-A2C2-4B35-9965-2618570B702A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C2229CDF-387B-43E6-85C6-7275224C596B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B91CE3D6-6A05-42E1-82A9-9808967B8E3F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2FA9EAB-0A4A-43E0-A927-F7D2700C3314",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D0474D6-0E0E-4647-B0A7-782C8C4294C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E13D7E98-A8CE-4403-A719-D9D0DB802CA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9A72A463-C251-4B84-8339-0F70B5643B12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0DB96230-DC49-4AAC-A90F-5EFA030DC9F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.6:254:*:*:*:*:*:*",
"matchCriteriaId": "DDD064CA-5162-4C8A-B40B-EE4A802B71B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.6:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D3745A16-9CCB-4036-A235-9E99ADAF7508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F9EF2B1-879C-4E65-A5C8-412A5CD1D4A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "14967A70-17B6-4488-B0C4-7C63F0BAD345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.7:rc1:*:*:*:*:*:*",
"matchCriteriaId": "A3996C02-D377-45E7-908F-F08DAD0C8ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "26BF6FB2-DAEF-459A-8F15-6B6B9543AF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.8:rc0:*:*:*:*:*:*",
"matchCriteriaId": "C3C2CB33-0E7B-4152-AFA2-1665694FC249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.8:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EC445E89-A292-4D1D-BF62-145567D304B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "359AFDBB-811E-47DC-95A5-A5282880CEF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.9:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F132E0D2-9859-4D29-A134-9DBE3279CF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.9:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BEA36D17-1F14-4717-A2D4-0CA5BFC0615A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5B95DD4E-B5EC-4E96-8043-47C254C8EF2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "ED2DD848-DD3C-47EB-84EA-34788DCE0A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.10:rc2:*:*:*:*:*:*",
"matchCriteriaId": "CAC9C2ED-C862-47B7-BC38-7DEC8E5862A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "435B1163-6B1D-44B7-9E4E-26F56D536EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "752A40E9-3EF3-49E3-BDD8-1788B4F3D307",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.11:rc1:*:*:*:*:*:*",
"matchCriteriaId": "7A2BAF5C-9BB8-4913-A1B8-695180701CE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.11:rc2:*:*:*:*:*:*",
"matchCriteriaId": "26790804-3EA7-4B5D-A6C0-26B36DB90455",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.11:rc2-1:*:*:*:*:*:*",
"matchCriteriaId": "A24E7B09-78ED-4711-843A-89C448AC176A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.11:rc3:*:*:*:*:*:*",
"matchCriteriaId": "5C115700-5633-4075-B639-278208446289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:notmuchmail:notmuch:0.11:rc3-1:*:*:*:*:*:*",
"matchCriteriaId": "1466EABE-D6CD-4874-88BD-69B1FBF7111C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:-:*:*:*:*:*:*:*",
"matchCriteriaId": "25C568C8-14C8-4243-98DB-7914F4B63F99",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message."
},
{
"lang": "es",
"value": "emacs/notmuch-mua.el en notmuch antes de v0.11.1, cuando se utiliza el interface Emacs, permite leer archivos de su elecci\u00f3n a atacantes remotos con cierta ayuda de usuarios locales a trav\u00e9s de etiquetas MML modificadas, que no est\u00e1n debidamente marcadas en una respuesta de correo electr\u00f3nico podr\u00eda ocasionar que cualquier tipo de fichero pudiera ser adjuntarse al mensaje.\r\n"
}
],
"id": "CVE-2012-1103",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-09-25T23:55:01.923",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://notmuchmail.org/news/release-0.11.1/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/48139"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2012/dsa-2416"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/04/5"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/6"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/52155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://notmuchmail.org/news/release-0.11.1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/48139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2012/dsa-2416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/04/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/52155"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-06-23 22:15
Modified
2025-04-30 16:44
Severity ?
Summary
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A2FCE1A3-09E0-4700-91DE-AD79D3B2FAA8",
"versionEndExcluding": "29.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5."
},
{
"lang": "es",
"value": "En Emacs anterior a 29.4, org-link-expand-abbrev en lisp/ol.el expande una abreviatura de enlace %(...) incluso cuando especifica una funci\u00f3n no segura, como shell-command-to-string. Esto afecta al modo de organizaci\u00f3n anterior a 9.7.5."
}
],
"id": "CVE-2024-39331",
"lastModified": "2025-04-30T16:44:51.867",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-06-23T22:15:09.370",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://list.orgmode.org/87sex5gdqc.fsf%40localhost/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00024.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.gnu.org/archive/html/info-gnu-emacs/2024-06/msg00000.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://news.ycombinator.com/item?id=40768225"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://list.orgmode.org/87sex5gdqc.fsf%40localhost/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.gnu.org/archive/html/info-gnu-emacs/2024-06/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://news.ycombinator.com/item?id=40768225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-07 11:46
Modified
2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DD426FD8-4155-4FC5-8114-266BD0FCA841",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en emacs, permite a los atacantes asistidos por el usuario causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente tener otro impacto no especificado por medio de un valor de gran precisi\u00f3n en un especificador de cadena de formato de enteros para la funci\u00f3n format, como es demostrado por medio de una determinada l\u00ednea de comandos \"emacs -batch -eval\"."
}
],
"id": "CVE-2007-6109",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-07T11:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"
},
{
"source": "cve@mitre.org",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27965"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27984"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/28838"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30109"
},
{
"source": "cve@mitre.org",
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/607-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/607-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider this issue to be a security vulnerability since no trust boundary is crossed. The user must voluntarily interact with the attack mechanism to exploit this flaw, with the result being the ability to run code as themselves.",
"lastModified": "2007-12-11T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4389884-70D2-4915-80A7-CFA4A420A024",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable."
}
],
"id": "CVE-2003-1232",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2003-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183"
},
{
"source": "cve@mitre.org",
"url": "http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en\u0026lr=\u0026ie=UTF-8\u0026oe=UTF-8\u0026rnum=1\u0026prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17496"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:208"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/15375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en\u0026lr=\u0026ie=UTF-8\u0026oe=UTF-8\u0026rnum=1\u0026prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:208"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/15375"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess."
}
],
"id": "CVE-2000-0269",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1125"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1125"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-09-14 16:29
Modified
2025-04-20 01:37
Severity ?
Summary
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | emacs | * | |
| debian | debian_linux | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "07D81FB9-4FD0-41B9-8BFB-37EB24EE3939",
"versionEndIncluding": "25.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted \"Content-Type: text/enriched\" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article)."
},
{
"lang": "es",
"value": "GNU Emacs en versiones anteriores a la 25.3 permite que atacantes remotos ejecuten c\u00f3digo arbitrario por email con datos \"Content-Type: text/enriched\" manipulados que contienen un elemento x-display XML que especifica la ejecuci\u00f3n de comandos shell. Esto est\u00e1 relacionado con una extensi\u00f3n text/enriched no segura en lisp/textmodes/enriched.el, as\u00ed como con un soporte Gnus inseguro para objetos MIME \"enriched\" y \"richtext\" en lisp/gnus/mm-view.el. Concretamente, es posible que un usuario de Emacs quede comprometido instant\u00e1neamente leyendo un mensaje de correo electr\u00f3nico manipulado (o un art\u00edculo de noticias de Usenet)."
}
],
"id": "CVE-2017-14482",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-09-14T16:29:00.250",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2017/dsa-3975"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/11/1"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2017:2771"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25\u0026id=9ad0fcc54442a9a01d41be19880250783426db70"
},
{
"source": "cve@mitre.org",
"url": "https://security.gentoo.org/glsa/201801-07"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3970"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.gnu.org/software/emacs/index.html#Releases"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2017/dsa-3975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/11/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2017:2771"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25\u0026id=9ad0fcc54442a9a01d41be19880250783426db70"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201801-07"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2017/dsa-3970"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.gnu.org/software/emacs/index.html#Releases"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-28 15:29
Modified
2025-04-20 01:37
Severity ?
Summary
Emacs 24.4 allows remote attackers to bypass security restrictions.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | http://www.openwall.com/lists/oss-security/2015/01/03/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1181599 | Issue Tracking, Third Party Advisory | |
| secalert@redhat.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/99688 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/01/03/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1181599 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/99688 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:24.4:*:*:*:*:*:*:*",
"matchCriteriaId": "724594E6-5FFE-432C-90A9-279D5657A254",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Emacs 24.4 allows remote attackers to bypass security restrictions."
},
{
"lang": "es",
"value": "Emacs 24.4 permite a los atacantes remotos que omitan las restricciones de seguridad"
}
],
"id": "CVE-2014-9483",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-28T15:29:00.720",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-25 15:15
Modified
2025-05-01 14:33
Severity ?
Summary
In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B7CDB1-3230-40DE-9425-EE9F469E5C5A",
"versionEndExcluding": "29.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*",
"matchCriteriaId": "4EB86482-347A-4F21-86A8-1DADB475E29C",
"versionEndExcluding": "9.6.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23."
},
{
"lang": "es",
"value": "En Emacs anterior a 29.3, el c\u00f3digo Lisp arbitrario se eval\u00faa como parte de activar el modo Org. Esto afecta al modo de organizaci\u00f3n anterior a la versi\u00f3n 9.6.23."
}
],
"id": "CVE-2024-30202",
"lastModified": "2025-05-01T14:33:59.357",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-25T15:15:52.427",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=befa9fcaae29a6c9a283ba371c3c5234c7f644eb"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=003ddacf1c8d869b1858181c29ea21b731a8d8d9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=befa9fcaae29a6c9a283ba371c3c5234c7f644eb"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=003ddacf1c8d869b1858181c29ea21b731a8d8d9"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-31 20:29
Modified
2025-04-20 01:37
Severity ?
Summary
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2017/10/31/1 | Mailing List, Third Party Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/101671 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2017/10/31/1 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101671 | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD011634-56BE-4D2A-B6CC-320C6DB7FC9B",
"versionEndIncluding": "25.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file (\"[ORIGINAL_FILENAME]~\") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary."
},
{
"lang": "es",
"value": "GNU Emacs en la versi\u00f3n 25.3.1 (y, muy probablemente, en otras versiones) ignora la m\u00e1scara de usuario cuando se crea un archivo de guardado de copia de seguridad (\"[ORIGINAL_FILENAME]~\"), lo que da como resultado archivos que podr\u00edan ser legibles por cualquier usuario o accesibles de formas no planeadas por el usuario que ejecuta el binario de emacs."
}
],
"id": "CVE-2017-1000383",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-31T20:29:00.310",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/10/31/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2017/10/31/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101671"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mageia_project | mageia | 3 | |
| mageia_project | mageia | 4 | |
| gnu | emacs | * | |
| gnu | emacs | 20.0 | |
| gnu | emacs | 20.1 | |
| gnu | emacs | 20.2 | |
| gnu | emacs | 20.3 | |
| gnu | emacs | 20.4 | |
| gnu | emacs | 20.5 | |
| gnu | emacs | 20.6 | |
| gnu | emacs | 20.7 | |
| gnu | emacs | 21 | |
| gnu | emacs | 21.1 | |
| gnu | emacs | 21.2 | |
| gnu | emacs | 21.2.1 | |
| gnu | emacs | 21.3 | |
| gnu | emacs | 21.3.1 | |
| gnu | emacs | 21.4 | |
| gnu | emacs | 22.1 | |
| gnu | emacs | 22.2 | |
| gnu | emacs | 22.3 | |
| gnu | emacs | 23.1 | |
| gnu | emacs | 23.2 | |
| gnu | emacs | 23.3 | |
| gnu | emacs | 23.4 | |
| gnu | emacs | 24.1 | |
| gnu | emacs | 24.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia_project:mageia:3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1911F9C-95A5-49DD-80F0-472BE92D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia_project:mageia:4:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB6C80D-ADCA-481E-B54B-3BEA3D7D3107",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BAE0411-D27E-49B6-8F8B-972A2E9985FC",
"versionEndIncluding": "24.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
"matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05BDDB87-0AFF-4BDC-995A-94F221ED3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4389884-70D2-4915-80A7-CFA4A420A024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E9FE5-E87C-440B-A16E-327501BC8977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF55EE-0F79-414A-B701-14DDA1C9C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37E5A757-C2C8-49D4-AFCD-156CCF4B7262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D047EC-2354-430D-B44C-FE8574F7617B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99B66AEA-D831-4A17-A7D6-4DEDA28985C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "944A2F7B-375B-4466-8A98-934123C209FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.3:*:*:*:*:*:*:*",
"matchCriteriaId": "123EF408-7950-4856-8A8D-B5553A0FFF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9948287-D8A4-4B29-9240-FCD25E73B00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC26DAB-A671-47BE-84DD-AD0A4CF72079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38737529-7787-45AD-81FB-8571789BAEDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file."
},
{
"lang": "es",
"value": "lisp/net/browse-url.el en GNU Emacs 24.3 y anteriores permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre un archivo /tmp/Mosaic.##### temporal."
}
],
"id": "CVE-2014-3423",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:05.417",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "cve@mitre.org",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-11-28 06:15
Modified
2025-04-28 19:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | emacs | * | |
| debian | debian_linux | 10.0 | |
| debian | debian_linux | 11.0 | |
| fedoraproject | fedora | 36 | |
| fedoraproject | fedora | 37 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E37D947-CF14-442A-B26B-3C570DB9D5E1",
"versionEndIncluding": "28.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
"matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the \"ctags *\" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input."
},
{
"lang": "es",
"value": "GNU Emacs hasta la versi\u00f3n 28.2 permite a los atacantes ejecutar comandos a trav\u00e9s de metacaracteres de shell en el nombre de un archivo de c\u00f3digo fuente, porque lib-src/etags.c utiliza la funci\u00f3n de librer\u00eda C del sistema en su implementaci\u00f3n del programa ctags. Por ejemplo, una v\u00edctima puede utilizar el comando \"ctags *\" (sugerido en la documentaci\u00f3n de ctags) en una situaci\u00f3n en la que el directorio de trabajo actual tiene contenidos que dependen de entradas que no son de confianza."
}
],
"id": "CVE-2022-45939",
"lastModified": "2025-04-28T19:15:46.493",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2022-11-28T06:15:10.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00046.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOSK3J7BBAEI4IITW2DRUKLQYUZYKH6Y/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOXIH2FDEQJEAARE52C3GHTLGQFBYPIB/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00046.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOSK3J7BBAEI4IITW2DRUKLQYUZYKH6Y/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOXIH2FDEQJEAARE52C3GHTLGQFBYPIB/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5314"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-09 06:15
Modified
2025-03-05 18:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63E864C7-D01F-468E-B57F-01BB09C275EC",
"versionEndIncluding": "28.2",
"versionStartIncluding": "28.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90."
}
],
"id": "CVE-2023-27986",
"lastModified": "2025-03-05T18:15:35.673",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-09T06:15:33.187",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"source": "cve@mitre.org",
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-20 23:15
Modified
2025-03-18 16:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | emacs | * | |
| debian | debian_linux | 11.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E37D947-CF14-442A-B26B-3C570DB9D5E1",
"versionEndIncluding": "28.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the \"etags -u *\" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input."
}
],
"id": "CVE-2022-48337",
"lastModified": "2025-03-18T16:15:14.647",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-20T23:15:12.243",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-11-02 22:46
Modified
2025-04-09 00:30
Severity ?
Summary
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4C8919F1-CD33-437E-9627-69352B276BA3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4FB1FAE-4C0F-4F1E-B2D8-C56B5603937D",
"versionEndIncluding": "22.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F4FB1FAE-4C0F-4F1E-B2D8-C56B5603937D",
"versionEndIncluding": "22.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration."
},
{
"lang": "es",
"value": "La funci\u00f3n hack-local-variables en el Emacs anterior al 22.2, cuando el enable-local-variables est\u00e1 establecido a :safe, no busca correctamente las listas de las variables no seguras o de riesgo, lo que permite a permite a atacantes con la intervenci\u00f3n del usuario evitar las restricciones y modificar variables de programa cr\u00edticas a trav\u00e9s de un fichero que contiene declaraciones de variables Locales."
}
],
"id": "CVE-2007-5795",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 9.2,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-11-02T22:46:00.000",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008"
},
{
"source": "secalert@redhat.com",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=197958"
},
{
"source": "secalert@redhat.com",
"url": "http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28\u0026r2=1.896.2.29"
},
{
"source": "secalert@redhat.com",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://osvdb.org/42060"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27508"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27627"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27728"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/27984"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "secalert@redhat.com",
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/26327"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/usn-541-1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2007/3715"
},
{
"source": "secalert@redhat.com",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "secalert@redhat.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38263"
},
{
"source": "secalert@redhat.com",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00524.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=197958"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28\u0026r2=1.896.2.29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/42060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27508"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29420"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-541-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00524.html"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issue did not affect versions of Emacs as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.",
"lastModified": "2007-11-09T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-20 23:15
Modified
2025-03-18 16:15
Severity ?
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Summary
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E37D947-CF14-442A-B26B-3C570DB9D5E1",
"versionEndIncluding": "28.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed."
}
],
"id": "CVE-2022-48338",
"lastModified": "2025-03-18T16:15:14.863",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-20T23:15:12.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2000-04-18 04:00
Modified
2025-04-03 01:03
Severity ?
Summary
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack."
}
],
"id": "CVE-2000-0270",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2000-04-18T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1126"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/1126"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-25 15:15
Modified
2025-05-01 14:33
Severity ?
Summary
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B7CDB1-3230-40DE-9425-EE9F469E5C5A",
"versionEndExcluding": "29.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*",
"matchCriteriaId": "4EB86482-347A-4F21-86A8-1DADB475E29C",
"versionEndExcluding": "9.6.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments."
},
{
"lang": "es",
"value": "En Emacs anterior a 29.3, la vista previa de LaTeX est\u00e1 habilitada de forma predeterminada para los archivos adjuntos de correo electr\u00f3nico."
}
],
"id": "CVE-2024-30204",
"lastModified": "2025-05-01T14:33:32.203",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-25T15:15:52.523",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=6f9ea396f49cbe38c2173e0a72ba6af3e03b271c"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=6f9ea396f49cbe38c2173e0a72ba6af3e03b271c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-276"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mageia_project | mageia | 3 | |
| mageia_project | mageia | 4 | |
| gnu | emacs | * | |
| gnu | emacs | 20.0 | |
| gnu | emacs | 20.1 | |
| gnu | emacs | 20.2 | |
| gnu | emacs | 20.3 | |
| gnu | emacs | 20.4 | |
| gnu | emacs | 20.5 | |
| gnu | emacs | 20.6 | |
| gnu | emacs | 20.7 | |
| gnu | emacs | 21 | |
| gnu | emacs | 21.1 | |
| gnu | emacs | 21.2 | |
| gnu | emacs | 21.2.1 | |
| gnu | emacs | 21.3 | |
| gnu | emacs | 21.3.1 | |
| gnu | emacs | 21.4 | |
| gnu | emacs | 22.1 | |
| gnu | emacs | 22.2 | |
| gnu | emacs | 22.3 | |
| gnu | emacs | 23.1 | |
| gnu | emacs | 23.2 | |
| gnu | emacs | 23.3 | |
| gnu | emacs | 23.4 | |
| gnu | emacs | 24.1 | |
| gnu | emacs | 24.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia_project:mageia:3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1911F9C-95A5-49DD-80F0-472BE92D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia_project:mageia:4:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB6C80D-ADCA-481E-B54B-3BEA3D7D3107",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BAE0411-D27E-49B6-8F8B-972A2E9985FC",
"versionEndIncluding": "24.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
"matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05BDDB87-0AFF-4BDC-995A-94F221ED3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4389884-70D2-4915-80A7-CFA4A420A024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E9FE5-E87C-440B-A16E-327501BC8977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF55EE-0F79-414A-B701-14DDA1C9C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37E5A757-C2C8-49D4-AFCD-156CCF4B7262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D047EC-2354-430D-B44C-FE8574F7617B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99B66AEA-D831-4A17-A7D6-4DEDA28985C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "944A2F7B-375B-4466-8A98-934123C209FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.3:*:*:*:*:*:*:*",
"matchCriteriaId": "123EF408-7950-4856-8A8D-B5553A0FFF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9948287-D8A4-4B29-9240-FCD25E73B00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC26DAB-A671-47BE-84DD-AD0A4CF72079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38737529-7787-45AD-81FB-8571789BAEDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file."
},
{
"lang": "es",
"value": "lisp/gnus/gnus-fun.el en GNU Emacs 24.3 y anteriores permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre el archivo /tmp/gnus.face.ppm temporal."
}
],
"id": "CVE-2014-3421",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:05.217",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "cve@mitre.org",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-11-27 15:15
Modified
2025-04-30 16:21
Severity ?
Summary
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96EC361D-1CD4-4AE3-AF24-F277BDA1182D",
"versionEndExcluding": "30.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)"
},
{
"lang": "es",
"value": "En elisp-mode.el de GNU Emacs hasta la versi\u00f3n 30.0.92, un usuario que elija invocar elisp-completion-at-point (para completar el c\u00f3digo) en c\u00f3digo fuente de Emacs Lisp que no sea de confianza puede desencadenar una expansi\u00f3n de macros de Lisp no segura que permita a los atacantes ejecutar c\u00f3digo arbitrario. (Esta expansi\u00f3n no segura tambi\u00e9n ocurre si un usuario elige habilitar el diagn\u00f3stico sobre la marcha de que byte compila c\u00f3digo fuente de Emacs Lisp que no es de confianza)."
}
],
"id": "CVE-2024-53920",
"lastModified": "2025-04-30T16:21:59.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-11-27T15:15:26.837",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tag/?h=emacs-30.0.92"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/ChangeLog.4"
},
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=42256409"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-01-19 15:55
Modified
2025-04-11 00:51
Severity ?
Summary
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| eric_m_ludlam | cedet | * | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| eric_m_ludlam | cedet | 1.0 | |
| gnu | emacs | * | |
| gnu | emacs | 20.0 | |
| gnu | emacs | 20.1 | |
| gnu | emacs | 20.2 | |
| gnu | emacs | 20.3 | |
| gnu | emacs | 20.4 | |
| gnu | emacs | 20.5 | |
| gnu | emacs | 20.6 | |
| gnu | emacs | 20.7 | |
| gnu | emacs | 21 | |
| gnu | emacs | 21.1 | |
| gnu | emacs | 21.2 | |
| gnu | emacs | 21.2.1 | |
| gnu | emacs | 21.3 | |
| gnu | emacs | 21.3.1 | |
| gnu | emacs | 21.4 | |
| gnu | emacs | 22.1 | |
| gnu | emacs | 22.2 | |
| gnu | emacs | 22.3 | |
| gnu | emacs | 23.1 | |
| gnu | emacs | 23.2 | |
| gnu | emacs | 23.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81840C8F-0D7C-46B0-8BF2-328DF34AD6B5",
"versionEndIncluding": "1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta1:*:*:*:*:*:*",
"matchCriteriaId": "7A64840D-EDD2-4776-8F76-108A85604524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta2:*:*:*:*:*:*",
"matchCriteriaId": "AD9BFD76-DBD0-4FA7-AC95-9ED86F041840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta3:*:*:*:*:*:*",
"matchCriteriaId": "C249F7CC-3524-4CA2-B838-F659B825BB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre1:*:*:*:*:*:*",
"matchCriteriaId": "97721CF9-7FE5-4A35-9982-7A358D707149",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre2:*:*:*:*:*:*",
"matchCriteriaId": "98E05598-6322-4EAA-9BFF-B8A7DE63E959",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre3:*:*:*:*:*:*",
"matchCriteriaId": "D62A1EF8-7EF8-4AEA-91A9-F47FD72D52DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre4:*:*:*:*:*:*",
"matchCriteriaId": "814A737D-C0C5-405E-AFF6-EB554AE4151A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre6:*:*:*:*:*:*",
"matchCriteriaId": "40CF2404-803C-478C-9111-FFA9173C89B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre7:*:*:*:*:*:*",
"matchCriteriaId": "A30EB0E8-2CB4-4EC5-A280-3CF3BDBEC969",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2680B3-7AE8-47E3-9027-9CFB19292AC4",
"versionEndIncluding": "23.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
"matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05BDDB87-0AFF-4BDC-995A-94F221ED3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4389884-70D2-4915-80A7-CFA4A420A024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E9FE5-E87C-440B-A16E-327501BC8977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF55EE-0F79-414A-B701-14DDA1C9C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37E5A757-C2C8-49D4-AFCD-156CCF4B7262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D047EC-2354-430D-B44C-FE8574F7617B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99B66AEA-D831-4A17-A7D6-4DEDA28985C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "944A2F7B-375B-4466-8A98-934123C209FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9948287-D8A4-4B29-9240-FCD25E73B00D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ruta de b\u00fasqueda no confiable en EDE en CEDET antes de v1.0.1, tal como se utiliza en GNU Emacs antes de v23.4 y otros productos, permite a usuarios locales conseguir privilegios a trav\u00e9s de una expresi\u00f3n Lisp modificada en un archivo Project.ede en el directorio, o en el directorio padre, de un archivo abierto."
}
],
"evaluatorComment": "Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n\u0027CWE-426: Untrusted Search Path\u0027",
"id": "CVE-2012-0035",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-01-19T15:55:00.943",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.html"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2012/01/10/2"
},
{
"source": "secalert@redhat.com",
"url": "http://openwall.com/lists/oss-security/2012/01/10/4"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47311"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47515"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/50801"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28649762"
},
{
"source": "secalert@redhat.com",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28657612"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"source": "secalert@redhat.com",
"url": "https://security.gentoo.org/glsa/201812-05"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://openwall.com/lists/oss-security/2012/01/10/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2012/01/10/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/47515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28649762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28657612"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201812-05"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-09 06:15
Modified
2025-03-05 17:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "63E864C7-D01F-468E-B57F-01BB09C275EC",
"versionEndIncluding": "28.2",
"versionStartIncluding": "28.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90"
}
],
"id": "CVE-2023-27985",
"lastModified": "2025-03-05T17:15:12.623",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-03-09T06:15:32.987",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=d32091199ae5de590a83f1542a01d75fba000467"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60204"
},
{
"source": "cve@mitre.org",
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=d32091199ae5de590a83f1542a01d75fba000467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60204"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-22 04:41
Modified
2025-04-09 00:30
Severity ?
Summary
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05BDDB87-0AFF-4BDC-995A-94F221ED3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E9FE5-E87C-440B-A16E-327501BC8977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:sccs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "08A58299-6BEC-4A2D-ACFB-904B43851D39",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files."
},
{
"lang": "es",
"value": "vcdiff en Emacs 20.7 a 22.1.50, cuando es utilizado con SCCS, permite a usuarios locales sobrescribir ficheros de su elecci\u00f3n a trav\u00e9s de un ataque symlink en ficheros temporales."
}
],
"id": "CVE-2008-1694",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-22T04:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=216880"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29905"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29926"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30109"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:096"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28857"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019909"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1309/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1310/references"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=208483"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41906"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/607-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=216880"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29905"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019909"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1309/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1310/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=208483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41906"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/607-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1694\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/",
"lastModified": "2008-05-01T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-05-17 22:15
Modified
2025-01-22 19:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:2626 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/errata/RHSA-2023:3104 | Third Party Advisory | |
| secalert@redhat.com | https://access.redhat.com/security/cve/CVE-2023-2491 | Third Party Advisory | |
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=2192873 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:2626 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2023:3104 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/security/cve/CVE-2023-2491 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=2192873 | Issue Tracking, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | emacs | 26.1-9.el8 | |
| gnu | emacs | 27.2-8.el9 | |
| redhat | enterprise_linux | 8.0 | |
| redhat | enterprise_linux | 9.0 | |
| redhat | enterprise_linux_eus | 8.8 | |
| redhat | enterprise_linux_eus | 9.2 | |
| redhat | enterprise_linux_server_aus | 8.8 | |
| redhat | enterprise_linux_server_aus | 9.2 | |
| redhat | enterprise_linux_server_tus | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:26.1-9.el8:*:*:*:*:*:*:*",
"matchCriteriaId": "0D22AA80-5195-415F-B400-E15FDA9DB01C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:27.2-8.el9:*:*:*:*:*:*:*",
"matchCriteriaId": "28CA40AF-31C9-43CA-B6F1-2B67222B9271",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0CD25A35-9C2B-4382-8720-4E39F928170B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"id": "CVE-2023-2491",
"lastModified": "2025-01-22T19:15:09.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-05-17T22:15:10.997",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:2626"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3104"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2491"
},
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:2626"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2491"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-77"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-04-05 15:30
Modified
2025-04-11 00:51
Severity ?
Summary
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF55EE-0F79-414A-B701-14DDA1C9C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37E5A757-C2C8-49D4-AFCD-156CCF4B7262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D047EC-2354-430D-B44C-FE8574F7617B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99B66AEA-D831-4A17-A7D6-4DEDA28985C2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks."
},
{
"lang": "es",
"value": "El fichero lib-src/movemail.c en la funci\u00f3n movemail de emacs v22 y v23 permite a usuarios locales leer, modificar o borrar archivos de buz\u00f3n aleatorios mediante un ataque de enlace simb\u00f3lico, ocasionado por una comprobacion inadecuada de permisos de archivos."
}
],
"id": "CVE-2010-0825",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-05T15:30:01.140",
"references": [
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39155"
},
{
"source": "security@ubuntu.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:083"
},
{
"source": "security@ubuntu.com",
"url": "http://www.ubuntu.com/usn/USN-919-1"
},
{
"source": "security@ubuntu.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0734"
},
{
"source": "security@ubuntu.com",
"url": "http://www.vupen.com/english/advisories/2010/0952"
},
{
"source": "security@ubuntu.com",
"url": "https://bugs.launchpad.net/ubuntu/+bug/531569"
},
{
"source": "security@ubuntu.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:083"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-919-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugs.launchpad.net/ubuntu/+bug/531569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57457"
}
],
"sourceIdentifier": "security@ubuntu.com",
"vendorComments": [
{
"comment": "Not vulnerable. This issues does not affect the versions of emacs or xemacs as shipped with Red Hat Enterprise Linux. The movemail utility in Red Hat Enterprise Linux does not have the setgid bit set, which is required for this flaw to be exploitable.\n",
"lastModified": "2010-04-06T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-08-25 10:29
Modified
2025-04-11 00:51
Severity ?
Summary
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "944A2F7B-375B-4466-8A98-934123C209FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.3:*:*:*:*:*:*:*",
"matchCriteriaId": "123EF408-7950-4856-8A8D-B5553A0FFF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9948287-D8A4-4B29-9240-FCD25E73B00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC26DAB-A671-47BE-84DD-AD0A4CF72079",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file."
},
{
"lang": "es",
"value": "lisp/files.el en Emacs v23.2, v23.3, v23.4, y v24.1 ejecuta autom\u00e1ticamente formularios eval en secciones local-variable cuando la opcion en las secciones de variable local cuando la opci\u00f3n enable-local-variables est\u00e1 establecida en :safe, lo que permite a atacantes remotos asistidos por el usuario ejecutar c\u00f3digo Emacs Lisp de su elecci\u00f3n en un archivo modificado."
}
],
"id": "CVE-2012-3479",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-25T10:29:51.520",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155"
},
{
"source": "secalert@redhat.com",
"url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00057.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50157"
},
{
"source": "secalert@redhat.com",
"url": "http://secunia.com/advisories/50801"
},
{
"source": "secalert@redhat.com",
"url": "http://www.debian.org/security/2013/dsa-2603"
},
{
"source": "secalert@redhat.com",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"source": "secalert@redhat.com",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/1"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/2"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/54969"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securitytracker.com/id?1027375"
},
{
"source": "secalert@redhat.com",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2012\u0026m=slackware-security.420006"
},
{
"source": "secalert@redhat.com",
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50157"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/50801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2013/dsa-2603"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/54969"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2012\u0026m=slackware-security.420006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-1586-1"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-06-21 20:30
Modified
2025-04-09 00:30
Severity ?
Summary
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| debian | debian_linux | 4.0 | |
| mandrakesoft | mandrake_linux | 2007 | |
| mandrakesoft | mandrake_linux | 2007 | |
| mandrakesoft | mandrake_linux | 2007.1 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 3.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 4.0 | |
| mandrakesoft | mandrake_linux_corporate_server | 4.0 | |
| gnu | emacs | 21 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:alpha:*:*:*:*:*",
"matchCriteriaId": "F5114DA3-FBB9-47C4-857B-3212404DAD4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:amd64:*:*:*:*:*",
"matchCriteriaId": "4D5F5A52-285E-4E7E-83B8-508079DBCEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:arm:*:*:*:*:*",
"matchCriteriaId": "674BE2D9-009B-46C5-A071-CB10368B8D48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:hppa:*:*:*:*:*",
"matchCriteriaId": "703486E5-906B-4BDB-A046-28D4D73E3F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-32:*:*:*:*:*",
"matchCriteriaId": "ABB5AC0D-2358-4C8E-99B5-2CE0A678F549",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:ia-64:*:*:*:*:*",
"matchCriteriaId": "38B37184-BA88-44F1-AC9E-8B60C2419111",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:m68k:*:*:*:*:*",
"matchCriteriaId": "0D8C9247-3E18-4DD9-AF5B-B2996C76443F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mips:*:*:*:*:*",
"matchCriteriaId": "0EEA2CDD-7FCD-461E-90FC-CDB3C3992A32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:mipsel:*:*:*:*:*",
"matchCriteriaId": "D7B877A8-5318-402E-8AE1-753E7419060F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:powerpc:*:*:*:*:*",
"matchCriteriaId": "A3938420-087D-4D92-A2F8-EAE54D9837EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:s-390:*:*:*:*:*",
"matchCriteriaId": "EFB8DE9F-2130-49E9-85EE-6793ED9FBEED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:4.0:*:sparc:*:*:*:*:*",
"matchCriteriaId": "10F42CF8-FB98-4AFC-96C5-FD7D442B0FA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "02362C25-B373-4FB1-AF4A-2AFC7F7D4387",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "19AD5F8D-6EB9-4E4B-9E82-FFBAB68797E9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux:2007.1:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "316AA6EB-7191-479E-99D5-40DA79E340E7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2BB0B27C-04EA-426F-9016-7406BACD91DF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "BB2B1BA5-8370-4281-B5C9-3D4FE6C70FBC",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "94F65351-C2DA-41C0-A3F9-1AE951E4386E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:4.0:*:x86_64:*:*:*:*:*",
"matchCriteriaId": "1B795F9F-AFB3-4A2A-ABC6-9246906800DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
"matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation."
},
{
"lang": "es",
"value": "Emacs 21 permite a atacantes con la intervenci\u00f3n del usuario provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de ciertas im\u00e1genes modificadas, como lo demostrado a trav\u00e9s de im\u00e1genes GIF en el modo vm, relacionado con el c\u00e1lculo del tama\u00f1o de la imagen."
}
],
"id": "CVE-2007-2833",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2007-06-21T20:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/26987"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2007/dsa-1316"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24570"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018277"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/usn-504-1"
},
{
"source": "cve@mitre.org",
"url": "https://issues.rpath.com/browse/RPL-1490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/26987"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2007/dsa-1316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018277"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/usn-504-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://issues.rpath.com/browse/RPL-1490"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "Red Hat does not consider a user-assisted crash of a user application such as Emacs to be a security issue.\n",
"lastModified": "2007-06-26T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-25 15:15
Modified
2025-05-01 14:33
Severity ?
Summary
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B7CDB1-3230-40DE-9425-EE9F469E5C5A",
"versionEndExcluding": "29.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*",
"matchCriteriaId": "4EB86482-347A-4F21-86A8-1DADB475E29C",
"versionEndExcluding": "9.6.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, Gnus treats inline MIME contents as trusted."
},
{
"lang": "es",
"value": "En Emacs anterior a 29.3, Gnus trata el contenido MIME en l\u00ednea como confiable."
}
],
"id": "CVE-2024-30203",
"lastModified": "2025-05-01T14:33:44.723",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-25T15:15:52.477",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/5"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=937b9042ad7426acdcca33e3d931d8f495bdd804"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=937b9042ad7426acdcca33e3d931d8f495bdd804"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-25 15:15
Modified
2025-05-01 14:32
Severity ?
Summary
In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "33B7CDB1-3230-40DE-9425-EE9F469E5C5A",
"versionEndExcluding": "29.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:org_mode:*:*:*:*:*:gnu_emacs:*:*",
"matchCriteriaId": "4EB86482-347A-4F21-86A8-1DADB475E29C",
"versionEndExcluding": "9.6.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23."
},
{
"lang": "es",
"value": "En Emacs anterior a 29.3, el modo Org considera que el contenido de los archivos remotos es confiable. Esto afecta al modo de organizaci\u00f3n anterior a la versi\u00f3n 9.6.23."
}
],
"id": "CVE-2024-30205",
"lastModified": "2025-05-01T14:32:31.080",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.2,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2024-03-25T15:15:52.567",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=2bc865ace050ff118db43f01457f95f95112b877"
},
{
"source": "cve@mitre.org",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=2bc865ace050ff118db43f01457f95f95112b877"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-02-07 05:00
Modified
2025-04-03 01:03
Severity ?
Summary
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18656642-C693-4BFD-A708-BCBFB5965C2C",
"versionEndIncluding": "20.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:xemacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C335DC66-8037-4457-942A-9F6B83333BAF",
"versionEndIncluding": "21.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets."
}
],
"id": "CVE-2005-0100",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-02-07T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=110780416112719\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-670"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-671"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-685"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:038"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-110.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-112.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-133.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/433928/30/5010/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/12462"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19246"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=110780416112719\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.debian.org/security/2005/dsa-685"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:038"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-110.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-112.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-133.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/433928/30/5010/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/12462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| gnu | emacs | * | |
| gnu | emacs | 20.0 | |
| gnu | emacs | 20.1 | |
| gnu | emacs | 20.2 | |
| gnu | emacs | 20.3 | |
| gnu | emacs | 20.4 | |
| gnu | emacs | 20.5 | |
| gnu | emacs | 20.6 | |
| gnu | emacs | 20.7 | |
| gnu | emacs | 21 | |
| gnu | emacs | 21.1 | |
| gnu | emacs | 21.2 | |
| gnu | emacs | 21.2.1 | |
| gnu | emacs | 21.3 | |
| gnu | emacs | 21.3.1 | |
| gnu | emacs | 21.4 | |
| gnu | emacs | 22.1 | |
| gnu | emacs | 22.2 | |
| gnu | emacs | 22.3 | |
| gnu | emacs | 23.1 | |
| gnu | emacs | 23.2 | |
| gnu | emacs | 23.3 | |
| gnu | emacs | 23.4 | |
| gnu | emacs | 24.1 | |
| gnu | emacs | 24.2 | |
| mageia_project | mageia | 3 | |
| mageia_project | mageia | 4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BAE0411-D27E-49B6-8F8B-972A2E9985FC",
"versionEndIncluding": "24.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
"matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05BDDB87-0AFF-4BDC-995A-94F221ED3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4389884-70D2-4915-80A7-CFA4A420A024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E9FE5-E87C-440B-A16E-327501BC8977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF55EE-0F79-414A-B701-14DDA1C9C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37E5A757-C2C8-49D4-AFCD-156CCF4B7262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D047EC-2354-430D-B44C-FE8574F7617B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99B66AEA-D831-4A17-A7D6-4DEDA28985C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "944A2F7B-375B-4466-8A98-934123C209FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.3:*:*:*:*:*:*:*",
"matchCriteriaId": "123EF408-7950-4856-8A8D-B5553A0FFF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9948287-D8A4-4B29-9240-FCD25E73B00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC26DAB-A671-47BE-84DD-AD0A4CF72079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38737529-7787-45AD-81FB-8571789BAEDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia_project:mageia:3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1911F9C-95A5-49DD-80F0-472BE92D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia_project:mageia:4:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB6C80D-ADCA-481E-B54B-3BEA3D7D3107",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/."
},
{
"lang": "es",
"value": "lisp/emacs-lisp/find-gc.el en GNU Emacs 24.3 y anteriores permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre un archivo temporal bajo /tmp/esrc/."
}
],
"id": "CVE-2014-3422",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:05.310",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "cve@mitre.org",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2025-04-12 10:46
Severity ?
Summary
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mageia_project | mageia | 3 | |
| mageia_project | mageia | 4 | |
| gnu | emacs | * | |
| gnu | emacs | 20.0 | |
| gnu | emacs | 20.1 | |
| gnu | emacs | 20.2 | |
| gnu | emacs | 20.3 | |
| gnu | emacs | 20.4 | |
| gnu | emacs | 20.5 | |
| gnu | emacs | 20.6 | |
| gnu | emacs | 20.7 | |
| gnu | emacs | 21 | |
| gnu | emacs | 21.1 | |
| gnu | emacs | 21.2 | |
| gnu | emacs | 21.2.1 | |
| gnu | emacs | 21.3 | |
| gnu | emacs | 21.3.1 | |
| gnu | emacs | 21.4 | |
| gnu | emacs | 22.1 | |
| gnu | emacs | 22.2 | |
| gnu | emacs | 22.3 | |
| gnu | emacs | 23.1 | |
| gnu | emacs | 23.2 | |
| gnu | emacs | 23.3 | |
| gnu | emacs | 23.4 | |
| gnu | emacs | 24.1 | |
| gnu | emacs | 24.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:mageia_project:mageia:3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1911F9C-95A5-49DD-80F0-472BE92D7CDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:mageia_project:mageia:4:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB6C80D-ADCA-481E-B54B-3BEA3D7D3107",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4BAE0411-D27E-49B6-8F8B-972A2E9985FC",
"versionEndIncluding": "24.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB2E29F-371A-43AB-8CBF-DDFABDB103BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*",
"matchCriteriaId": "05F6124D-F3C1-4E4C-B580-85AB01833885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9571E866-AB82-4B95-8097-ED0DA038331F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3A773690-9650-40E1-BCE3-7E020AF61BCD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*",
"matchCriteriaId": "26D9A554-CB40-461D-9C95-78051B0CA354",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*",
"matchCriteriaId": "7731A395-328A-4435-A388-1419224A4256",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05BDDB87-0AFF-4BDC-995A-94F221ED3641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C4389884-70D2-4915-80A7-CFA4A420A024",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EA95B19B-F35D-4644-9E75-5A138A960C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FC7E9FE5-E87C-440B-A16E-327501BC8977",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9ADF55EE-0F79-414A-B701-14DDA1C9C3B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*",
"matchCriteriaId": "37E5A757-C2C8-49D4-AFCD-156CCF4B7262",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F1D047EC-2354-430D-B44C-FE8574F7617B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*",
"matchCriteriaId": "99B66AEA-D831-4A17-A7D6-4DEDA28985C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*",
"matchCriteriaId": "944A2F7B-375B-4466-8A98-934123C209FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.3:*:*:*:*:*:*:*",
"matchCriteriaId": "123EF408-7950-4856-8A8D-B5553A0FFF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D9948287-D8A4-4B29-9240-FCD25E73B00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECC26DAB-A671-47BE-84DD-AD0A4CF72079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnu:emacs:24.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38737529-7787-45AD-81FB-8571789BAEDB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file."
},
{
"lang": "es",
"value": "lisp/net/tramp-sh.el en GNU Emacs 24.3 y anteriores permite a usuarios locales sobrescribir archivos arbitrarios a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre un archivo /tmp/tramp.##### temporal."
}
],
"id": "CVE-2014-3424",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:05.577",
"references": [
{
"source": "cve@mitre.org",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "cve@mitre.org",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "cve@mitre.org",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html"
},
{
"source": "cve@mitre.org",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "cve@mitre.org",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-02-20 23:15
Modified
2025-03-18 16:15
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8E37D947-CF14-442A-B26B-3C570DB9D5E1",
"versionEndIncluding": "28.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed."
}
],
"id": "CVE-2022-48339",
"lastModified": "2025-03-18T16:15:15.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2023-02-20T23:15:12.350",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c"
},
{
"source": "cve@mitre.org",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
},
{
"source": "cve@mitre.org",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-1116"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2008-2142 (GCVE-0-2008-2142)
Vulnerability from cvelistv5
Published
2008-05-12 19:00
Modified
2024-08-07 08:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:58.576Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2008-5504",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-2529"
},
{
"name": "ADV-2008-1539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1539/references"
},
{
"name": "20080527 rPSA-2008-0177-1 emacs emacs-leim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492657/100/0/threaded"
},
{
"name": "30827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30827"
},
{
"name": "1020019",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020019"
},
{
"name": "SUSE-SR:2008:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
},
{
"name": "30199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30199"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=221197"
},
{
"name": "30303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30303"
},
{
"name": "GLSA-200902-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200902-06.xml"
},
{
"name": "30216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30216"
},
{
"name": "MDVSA-2008:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:154"
},
{
"name": "29176",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29176"
},
{
"name": "MDVSA-2008:153",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:153"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177"
},
{
"name": "34004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34004"
},
{
"name": "[emacs-devel] 20080510 [mwelinder@bogus.example.com: Emacs security bug]",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://thread.gmane.org/gmane.emacs.devel/96903"
},
{
"name": "FEDORA-2008-5446",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://tracker.xemacs.org/XEmacs/its/issue378"
},
{
"name": "ADV-2008-1540",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1540/references"
},
{
"name": "30581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30581"
},
{
"name": "xemacs-gnuemacs-flc-code-execution(42362)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42362"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "FEDORA-2008-5504",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-2529"
},
{
"name": "ADV-2008-1539",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1539/references"
},
{
"name": "20080527 rPSA-2008-0177-1 emacs emacs-leim",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492657/100/0/threaded"
},
{
"name": "30827",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30827"
},
{
"name": "1020019",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020019"
},
{
"name": "SUSE-SR:2008:012",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
},
{
"name": "30199",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30199"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.gentoo.org/show_bug.cgi?id=221197"
},
{
"name": "30303",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30303"
},
{
"name": "GLSA-200902-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200902-06.xml"
},
{
"name": "30216",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30216"
},
{
"name": "MDVSA-2008:154",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:154"
},
{
"name": "29176",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29176"
},
{
"name": "MDVSA-2008:153",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:153"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177"
},
{
"name": "34004",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34004"
},
{
"name": "[emacs-devel] 20080510 [mwelinder@bogus.example.com: Emacs security bug]",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://thread.gmane.org/gmane.emacs.devel/96903"
},
{
"name": "FEDORA-2008-5446",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://tracker.xemacs.org/XEmacs/its/issue378"
},
{
"name": "ADV-2008-1540",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1540/references"
},
{
"name": "30581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30581"
},
{
"name": "xemacs-gnuemacs-flc-code-execution(42362)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42362"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2142",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2008-5504",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html"
},
{
"name": "https://issues.rpath.com/browse/RPL-2529",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-2529"
},
{
"name": "ADV-2008-1539",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1539/references"
},
{
"name": "20080527 rPSA-2008-0177-1 emacs emacs-leim",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492657/100/0/threaded"
},
{
"name": "30827",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30827"
},
{
"name": "1020019",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020019"
},
{
"name": "SUSE-SR:2008:012",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html"
},
{
"name": "30199",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30199"
},
{
"name": "https://bugs.gentoo.org/show_bug.cgi?id=221197",
"refsource": "CONFIRM",
"url": "https://bugs.gentoo.org/show_bug.cgi?id=221197"
},
{
"name": "30303",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30303"
},
{
"name": "GLSA-200902-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200902-06.xml"
},
{
"name": "30216",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30216"
},
{
"name": "MDVSA-2008:154",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:154"
},
{
"name": "29176",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29176"
},
{
"name": "MDVSA-2008:153",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:153"
},
{
"name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177",
"refsource": "CONFIRM",
"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177"
},
{
"name": "34004",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34004"
},
{
"name": "[emacs-devel] 20080510 [mwelinder@bogus.example.com: Emacs security bug]",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html"
},
{
"name": "http://thread.gmane.org/gmane.emacs.devel/96903",
"refsource": "MISC",
"url": "http://thread.gmane.org/gmane.emacs.devel/96903"
},
{
"name": "FEDORA-2008-5446",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html"
},
{
"name": "http://tracker.xemacs.org/XEmacs/its/issue378",
"refsource": "MISC",
"url": "http://tracker.xemacs.org/XEmacs/its/issue378"
},
{
"name": "ADV-2008-1540",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1540/references"
},
{
"name": "30581",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30581"
},
{
"name": "xemacs-gnuemacs-flc-code-execution(42362)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42362"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2142",
"datePublished": "2008-05-12T19:00:00",
"dateReserved": "2008-05-12T00:00:00",
"dateUpdated": "2024-08-07T08:49:58.576Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-1301 (GCVE-0-2001-1301)
Vulnerability from cvelistv5
Published
2003-04-02 05:00
Modified
2024-08-08 04:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:51:08.416Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20010807 rcs2log",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html"
},
{
"name": "rcs2log-tmp-symlink(11210)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/11210.php"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-25T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20010807 rcs2log",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html"
},
{
"name": "rcs2log-tmp-symlink(11210)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/11210.php"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-1301",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20010807 rcs2log",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html"
},
{
"name": "rcs2log-tmp-symlink(11210)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/11210.php"
},
{
"name": "http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95",
"refsource": "CONFIRM",
"url": "http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-1301",
"datePublished": "2003-04-02T05:00:00",
"dateReserved": "2002-05-01T00:00:00",
"dateUpdated": "2024-08-08T04:51:08.416Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-0035 (GCVE-0-2012-0035)
Vulnerability from cvelistv5
Published
2012-01-19 15:00
Modified
2024-08-06 18:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.254Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20120109 CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2012/01/10/2"
},
{
"name": "[cedet-devel] 20120111 CEDET 1.0.1 available online",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28657612"
},
{
"name": "47311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47311"
},
{
"name": "50801",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50801"
},
{
"name": "[oss-security] 20120109 Re: Re: CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2012/01/10/4"
},
{
"name": "47515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/47515"
},
{
"name": "[cedet-devel] 20120109 Security flaw in EDE",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28649762"
},
{
"name": "USN-1586-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"name": "MDVSA-2013:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"name": "FEDORA-2012-0462",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.html"
},
{
"name": "FEDORA-2012-0494",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.html"
},
{
"name": "GLSA-201812-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201812-05"
},
{
"name": "[emacs-devel] 20120109 Security flaw in EDE; new release plans",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-01-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-07T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20120109 CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2012/01/10/2"
},
{
"name": "[cedet-devel] 20120111 CEDET 1.0.1 available online",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28657612"
},
{
"name": "47311",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47311"
},
{
"name": "50801",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50801"
},
{
"name": "[oss-security] 20120109 Re: Re: CVE Request: CEDET/Emacs global-ede-mode file loading vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2012/01/10/4"
},
{
"name": "47515",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/47515"
},
{
"name": "[cedet-devel] 20120109 Security flaw in EDE",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://sourceforge.net/mailarchive/message.php?msg_id=28649762"
},
{
"name": "USN-1586-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"name": "MDVSA-2013:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"name": "FEDORA-2012-0462",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.html"
},
{
"name": "FEDORA-2012-0494",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.html"
},
{
"name": "GLSA-201812-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201812-05"
},
{
"name": "[emacs-devel] 20120109 Security flaw in EDE; new release plans",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-0035",
"datePublished": "2012-01-19T15:00:00",
"dateReserved": "2011-12-07T00:00:00",
"dateUpdated": "2024-08-06T18:09:17.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48337 (GCVE-0-2022-48337)
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2025-03-18 15:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.761Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c"
},
{
"name": "DSA-5360",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"name": "FEDORA-2023-5763445abe",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"name": "FEDORA-2023-29df561f1d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48337",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T15:30:19.045463Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T15:30:23.044Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the \"etags -u *\" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-14T02:06:13.683Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=01a4035c869b91c153af9a9132c87adb7669ea1c"
},
{
"name": "DSA-5360",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"name": "FEDORA-2023-5763445abe",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"name": "FEDORA-2023-29df561f1d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48337",
"datePublished": "2023-02-20T00:00:00.000Z",
"dateReserved": "2023-02-20T00:00:00.000Z",
"dateUpdated": "2025-03-18T15:30:23.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0269 (GCVE-0-2000-0269)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"name": "1125",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"name": "1125",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1125"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf@mercury.rus.uni-stuttgart.de"
},
{
"name": "1125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1125"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0269",
"datePublished": "2000-04-26T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30202 (GCVE-0-2024-30202)
Vulnerability from cvelistv5
Published
2024-03-25 00:00
Modified
2024-11-13 17:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-30202",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-01T21:03:07.717634Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:54:10.866Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.372Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=003ddacf1c8d869b1858181c29ea21b731a8d8d9"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=befa9fcaae29a6c9a283ba371c3c5234c7f644eb"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turning on Org mode. This affects Org Mode before 9.6.23."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:08:01.531796",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=003ddacf1c8d869b1858181c29ea21b731a8d8d9"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=befa9fcaae29a6c9a283ba371c3c5234c7f644eb"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-30202",
"datePublished": "2024-03-25T00:00:00",
"dateReserved": "2024-03-25T00:00:00",
"dateUpdated": "2024-11-13T17:54:10.866Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3422 (GCVE-0-2014-3422)
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.616Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117067: find-gc.el misc fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-08T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117067: find-gc.el misc fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "MDVSA-2015:117",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0250.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"name": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8",
"refsource": "CONFIRM",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117067: find-gc.el misc fixes",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3422",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.616Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-39331 (GCVE-0-2024-39331)
Vulnerability from cvelistv5
Published
2024-06-23 00:00
Modified
2024-08-22 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:emacs:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emacs",
"vendor": "gnu",
"versions": [
{
"lessThan": "29.4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-39331",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T03:55:10.601Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:26:14.279Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"tags": [
"x_transferred"
],
"url": "https://list.orgmode.org/87sex5gdqc.fsf%40localhost/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.gnu.org/archive/html/info-gnu-emacs/2024-06/msg00000.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/2"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=40768225"
},
{
"name": "[debian-lts-announce] 20240629 [SECURITY] [DLA 3848-1] org-mode security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240629 [SECURITY] [DLA 3849-1] org-mode security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-29T07:06:02.248894",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"url": "https://list.orgmode.org/87sex5gdqc.fsf%40localhost/"
},
{
"url": "https://lists.gnu.org/archive/html/info-gnu-emacs/2024-06/msg00000.html"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/1"
},
{
"url": "https://www.openwall.com/lists/oss-security/2024/06/23/2"
},
{
"url": "https://news.ycombinator.com/item?id=40768225"
},
{
"name": "[debian-lts-announce] 20240629 [SECURITY] [DLA 3848-1] org-mode security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240629 [SECURITY] [DLA 3849-1] org-mode security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00024.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-39331",
"datePublished": "2024-06-23T00:00:00",
"dateReserved": "2024-06-23T00:00:00",
"dateUpdated": "2024-08-22T03:55:10.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5795 (GCVE-0-2007-5795)
Vulnerability from cvelistv5
Published
2007-11-02 22:00
Modified
2024-08-07 15:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:46:59.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2007-3056",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00524.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008"
},
{
"name": "27984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27984"
},
{
"name": "emacs-hacklocalvariables-security-bypass(38263)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38263"
},
{
"name": "27728",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27728"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2007-3715",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3715"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28\u0026r2=1.896.2.29"
},
{
"name": "42060",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/42060"
},
{
"name": "USN-541-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-541-1"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "MDVSA-2008:034",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"name": "26327",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=197958"
},
{
"name": "GLSA-200712-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "27508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27508"
},
{
"name": "27627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27627"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2007-3056",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00524.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008"
},
{
"name": "27984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27984"
},
{
"name": "emacs-hacklocalvariables-security-bypass(38263)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38263"
},
{
"name": "27728",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27728"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2007-3715",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3715"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28\u0026r2=1.896.2.29"
},
{
"name": "42060",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/42060"
},
{
"name": "USN-541-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-541-1"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "MDVSA-2008:034",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"name": "26327",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=197958"
},
{
"name": "GLSA-200712-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "27508",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27508"
},
{
"name": "27627",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27627"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2007-5795",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2007-3056",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00524.html"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008"
},
{
"name": "27984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27984"
},
{
"name": "emacs-hacklocalvariables-security-bypass(38263)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38263"
},
{
"name": "27728",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27728"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "ADV-2007-3715",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3715"
},
{
"name": "http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28\u0026r2=1.896.2.29",
"refsource": "CONFIRM",
"url": "http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28\u0026r2=1.896.2.29"
},
{
"name": "42060",
"refsource": "OSVDB",
"url": "http://osvdb.org/42060"
},
{
"name": "USN-541-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-541-1"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "MDVSA-2008:034",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"name": "26327",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26327"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=197958",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=197958"
},
{
"name": "GLSA-200712-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "27508",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27508"
},
{
"name": "27627",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27627"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2007-5795",
"datePublished": "2007-11-02T22:00:00",
"dateReserved": "2007-11-02T00:00:00",
"dateUpdated": "2024-08-07T15:46:59.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-1232 (GCVE-0-2003-1232)
Vulnerability from cvelistv5
Published
2005-09-26 04:00
Modified
2024-08-08 02:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:19:45.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en\u0026lr=\u0026ie=UTF-8\u0026oe=UTF-8\u0026rnum=1\u0026prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f"
},
{
"name": "15375",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15375"
},
{
"name": "MDKSA-2005:208",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:208"
},
{
"name": "17496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17496"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2006-02-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en\u0026lr=\u0026ie=UTF-8\u0026oe=UTF-8\u0026rnum=1\u0026prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f"
},
{
"name": "15375",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15375"
},
{
"name": "MDKSA-2005:208",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:208"
},
{
"name": "17496",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17496"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-1232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en\u0026lr=\u0026ie=UTF-8\u0026oe=UTF-8\u0026rnum=1\u0026prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f",
"refsource": "MISC",
"url": "http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en\u0026lr=\u0026ie=UTF-8\u0026oe=UTF-8\u0026rnum=1\u0026prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f"
},
{
"name": "15375",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15375"
},
{
"name": "MDKSA-2005:208",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:208"
},
{
"name": "17496",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17496"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183"
},
{
"name": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html",
"refsource": "MISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-1232",
"datePublished": "2005-09-26T04:00:00",
"dateReserved": "2005-09-26T00:00:00",
"dateUpdated": "2024-08-08T02:19:45.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-9483 (GCVE-0-2014-9483)
Vulnerability from cvelistv5
Published
2017-08-28 15:00
Modified
2024-08-06 13:47
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Emacs 24.4 allows remote attackers to bypass security restrictions.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:47:40.389Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599"
},
{
"name": "[oss-security] 20150103 Re: CVE request for emacs possibly",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/15"
},
{
"name": "emacs-cve20149483-sec-bypass(99688)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Emacs 24.4 allows remote attackers to bypass security restrictions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-07T15:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181599"
},
{
"name": "[oss-security] 20150103 Re: CVE request for emacs possibly",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/01/03/15"
},
{
"name": "emacs-cve20149483-sec-bypass(99688)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99688"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2014-9483",
"datePublished": "2017-08-28T15:00:00",
"dateReserved": "2015-01-03T00:00:00",
"dateUpdated": "2024-08-06T13:47:40.389Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27986 (GCVE-0-2023-27986)
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2025-03-05 17:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.840Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc"
},
{
"name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27986",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T17:06:42.472174Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T17:06:50.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters. It is fixed in 29.0.90."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-09T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
},
{
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc"
},
{
"name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-27986",
"datePublished": "2023-03-09T00:00:00.000Z",
"dateReserved": "2023-03-09T00:00:00.000Z",
"dateUpdated": "2025-03-05T17:06:50.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3479 (GCVE-0-2012-3479)
Vulnerability from cvelistv5
Published
2012-08-25 10:00
Modified
2024-08-06 20:05
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.672Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SSA:2012-228-02",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE",
"x_transferred"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2012\u0026m=slackware-security.420006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155"
},
{
"name": "openSUSE-SU-2012:1348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00057.html"
},
{
"name": "50801",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50801"
},
{
"name": "[oss-security] 20120812 Re: Security flaw in GNU Emacs file-local variables",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/2"
},
{
"name": "USN-1586-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"name": "54969",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/54969"
},
{
"name": "1027375",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027375"
},
{
"name": "[oss-security] 20120813 Security flaw in GNU Emacs file-local variables",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/1"
},
{
"name": "50157",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50157"
},
{
"name": "MDVSA-2013:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"name": "DSA-2603",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2603"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-08-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-10T15:57:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "SSA:2012-228-02",
"tags": [
"vendor-advisory",
"x_refsource_SLACKWARE"
],
"url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2012\u0026m=slackware-security.420006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155"
},
{
"name": "openSUSE-SU-2012:1348",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2012-10/msg00057.html"
},
{
"name": "50801",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50801"
},
{
"name": "[oss-security] 20120812 Re: Security flaw in GNU Emacs file-local variables",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/2"
},
{
"name": "USN-1586-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1586-1"
},
{
"name": "54969",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/54969"
},
{
"name": "1027375",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027375"
},
{
"name": "[oss-security] 20120813 Security flaw in GNU Emacs file-local variables",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/08/13/1"
},
{
"name": "50157",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50157"
},
{
"name": "MDVSA-2013:076",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:076"
},
{
"name": "DSA-2603",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2603"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3479",
"datePublished": "2012-08-25T10:00:00",
"dateReserved": "2012-06-14T00:00:00",
"dateUpdated": "2024-08-06T20:05:12.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-27985 (GCVE-0-2023-27985)
Vulnerability from cvelistv5
Published
2023-03-09 00:00
Modified
2025-03-05 16:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:23:30.841Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
},
{
"tags": [
"x_transferred"
],
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=d32091199ae5de590a83f1542a01d75fba000467"
},
{
"tags": [
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60204"
},
{
"name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-27985",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T16:56:57.548329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T16:57:02.029Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-09T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.openwall.com/lists/oss-security/2023/03/08/2"
},
{
"url": "http://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=d32091199ae5de590a83f1542a01d75fba000467"
},
{
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=60204"
},
{
"name": "[oss-security] 20230309 Re: Shell command and Emacs Lisp code injection in emacsclient-mail.desktop",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2023/03/09/1"
},
{
"url": "https://www.gabriel.urdhr.fr/2023/06/08/emacsclient-mail-shell-elisp-injections/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-27985",
"datePublished": "2023-03-09T00:00:00.000Z",
"dateReserved": "2023-03-09T00:00:00.000Z",
"dateUpdated": "2025-03-05T16:57:02.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3424 (GCVE-0-2014-3424)
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.773Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117071: Fix Bug#17415.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-08T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117071: Fix Bug#17415.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3424",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lisp/net/tramp-sh.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/tramp.##### temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117071: Fix Bug#17415.",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00060.html"
},
{
"name": "MDVSA-2015:117",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0250.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"name": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8",
"refsource": "CONFIRM",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3424",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-53920 (GCVE-0-2024-53920)
Vulnerability from cvelistv5
Published
2024-11-27 00:00
Modified
2025-03-13 19:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:gnu:emacs:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "emacs",
"vendor": "gnu",
"versions": [
{
"status": "affected",
"version": "30.0.92"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-53920",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T16:55:56.437957Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T19:25:55.594Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point (for code completion) on untrusted Emacs Lisp source code can trigger unsafe Lisp macro expansion that allows attackers to execute arbitrary code. (This unsafe expansion also occurs if a user chooses to enable on-the-fly diagnosis that byte compiles untrusted Emacs Lisp source code.)"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-01T05:20:27.548Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/ChangeLog.4"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tag/?h=emacs-30.0.92"
},
{
"url": "https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html"
},
{
"url": "https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg@mail.gmail.com/"
},
{
"url": "https://news.ycombinator.com/item?id=42256409"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-53920",
"datePublished": "2024-11-27T00:00:00.000Z",
"dateReserved": "2024-11-25T00:00:00.000Z",
"dateUpdated": "2025-03-13T19:25:55.594Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-45939 (GCVE-0-2022-45939)
Vulnerability from cvelistv5
Published
2022-11-28 00:00
Modified
2025-04-28 18:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3257-1] emacs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00046.html"
},
{
"name": "FEDORA-2022-d69c7f95a4",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOXIH2FDEQJEAARE52C3GHTLGQFBYPIB/"
},
{
"name": "FEDORA-2022-e37f239f2e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOSK3J7BBAEI4IITW2DRUKLQYUZYKH6Y/"
},
{
"name": "DSA-5314",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5314"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-45939",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-28T18:11:50.347302Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-28T18:12:24.092Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the \"ctags *\" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-12T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51"
},
{
"name": "[debian-lts-announce] 20221231 [SECURITY] [DLA 3257-1] emacs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2022/12/msg00046.html"
},
{
"name": "FEDORA-2022-d69c7f95a4",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GOXIH2FDEQJEAARE52C3GHTLGQFBYPIB/"
},
{
"name": "FEDORA-2022-e37f239f2e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FOSK3J7BBAEI4IITW2DRUKLQYUZYKH6Y/"
},
{
"name": "DSA-5314",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5314"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-45939",
"datePublished": "2022-11-28T00:00:00.000Z",
"dateReserved": "2022-11-28T00:00:00.000Z",
"dateUpdated": "2025-04-28T18:12:24.092Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6109 (GCVE-0-2007-6109)
Vulnerability from cvelistv5
Published
2007-12-07 11:00
Modified
2024-08-07 15:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:54:26.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27965"
},
{
"name": "USN-607-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/607-1/"
},
{
"name": "27984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27984"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "SUSE-SR:2007:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "emacs-unspecified-bo(38904)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"
},
{
"name": "MDVSA-2008:034",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"name": "30109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30109"
},
{
"name": "GLSA-200712-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "28838",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28838"
},
{
"name": "SUSE-SR:2008:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27965",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27965"
},
{
"name": "USN-607-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/607-1/"
},
{
"name": "27984",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27984"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"
},
{
"name": "ADV-2008-0924",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "SUSE-SR:2007:025",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"name": "29420",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "emacs-unspecified-bo(38904)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"
},
{
"name": "MDVSA-2008:034",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"name": "30109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30109"
},
{
"name": "GLSA-200712-03",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "28838",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28838"
},
{
"name": "SUSE-SR:2008:003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27965",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27965"
},
{
"name": "USN-607-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/607-1/"
},
{
"name": "27984",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27984"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=200297",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"
},
{
"name": "ADV-2008-0924",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0924/references"
},
{
"name": "SUSE-SR:2007:025",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"
},
{
"name": "29420",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29420"
},
{
"name": "APPLE-SA-2008-03-18",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"
},
{
"name": "emacs-unspecified-bo(38904)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"
},
{
"name": "MDVSA-2008:034",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"
},
{
"name": "30109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30109"
},
{
"name": "GLSA-200712-03",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"
},
{
"name": "http://docs.info.apple.com/article.html?artnum=307562",
"refsource": "CONFIRM",
"url": "http://docs.info.apple.com/article.html?artnum=307562"
},
{
"name": "28838",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28838"
},
{
"name": "SUSE-SR:2008:003",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6109",
"datePublished": "2007-12-07T11:00:00",
"dateReserved": "2007-11-23T00:00:00",
"dateUpdated": "2024-08-07T15:54:26.839Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-14482 (GCVE-0-2017-14482)
Vulnerability from cvelistv5
Published
2017-09-14 16:00
Modified
2024-08-05 19:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:27:40.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-3975",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25\u0026id=9ad0fcc54442a9a01d41be19880250783426db70"
},
{
"name": "DSA-3970",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2017/dsa-3970"
},
{
"name": "GLSA-201801-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201801-07"
},
{
"name": "RHSA-2017:2771",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2771"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.gnu.org/software/emacs/index.html#Releases"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/11/1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted \"Content-Type: text/enriched\" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-08T10:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-3975",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25\u0026id=9ad0fcc54442a9a01d41be19880250783426db70"
},
{
"name": "DSA-3970",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2017/dsa-3970"
},
{
"name": "GLSA-201801-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201801-07"
},
{
"name": "RHSA-2017:2771",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2771"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.gnu.org/software/emacs/index.html#Releases"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openwall.com/lists/oss-security/2017/09/11/1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-14482",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted \"Content-Type: text/enriched\" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-3975",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3975"
},
{
"name": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25\u0026id=9ad0fcc54442a9a01d41be19880250783426db70",
"refsource": "CONFIRM",
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25\u0026id=9ad0fcc54442a9a01d41be19880250783426db70"
},
{
"name": "DSA-3970",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2017/dsa-3970"
},
{
"name": "GLSA-201801-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201801-07"
},
{
"name": "RHSA-2017:2771",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2771"
},
{
"name": "https://www.gnu.org/software/emacs/index.html#Releases",
"refsource": "CONFIRM",
"url": "https://www.gnu.org/software/emacs/index.html#Releases"
},
{
"name": "http://www.openwall.com/lists/oss-security/2017/09/11/1",
"refsource": "CONFIRM",
"url": "http://www.openwall.com/lists/oss-security/2017/09/11/1"
},
{
"name": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350",
"refsource": "CONFIRM",
"url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-14482",
"datePublished": "2017-09-14T16:00:00",
"dateReserved": "2017-09-14T00:00:00",
"dateUpdated": "2024-08-05T19:27:40.893Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1694 (GCVE-0-2008-1694)
Vulnerability from cvelistv5
Published
2008-04-21 20:00
Modified
2024-08-07 08:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.247Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-607-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/607-1/"
},
{
"name": "29905",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29905"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=208483"
},
{
"name": "MDVSA-2008:096",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:096"
},
{
"name": "ADV-2008-1309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1309/references"
},
{
"name": "1019909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019909"
},
{
"name": "29926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29926"
},
{
"name": "30109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30109"
},
{
"name": "xemacs-gnuemacs-vcdiff-symlink(41906)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41906"
},
{
"name": "28857",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28857"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=216880"
},
{
"name": "ADV-2008-1310",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1310/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-03T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-607-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/607-1/"
},
{
"name": "29905",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29905"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=208483"
},
{
"name": "MDVSA-2008:096",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:096"
},
{
"name": "ADV-2008-1309",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1309/references"
},
{
"name": "1019909",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019909"
},
{
"name": "29926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29926"
},
{
"name": "30109",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30109"
},
{
"name": "xemacs-gnuemacs-vcdiff-symlink(41906)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41906"
},
{
"name": "28857",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28857"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.gentoo.org/show_bug.cgi?id=216880"
},
{
"name": "ADV-2008-1310",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1310/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1694",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-607-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/607-1/"
},
{
"name": "29905",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29905"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=208483",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=208483"
},
{
"name": "MDVSA-2008:096",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:096"
},
{
"name": "ADV-2008-1309",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1309/references"
},
{
"name": "1019909",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019909"
},
{
"name": "29926",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29926"
},
{
"name": "30109",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30109"
},
{
"name": "xemacs-gnuemacs-vcdiff-symlink(41906)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41906"
},
{
"name": "28857",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28857"
},
{
"name": "http://bugs.gentoo.org/show_bug.cgi?id=216880",
"refsource": "CONFIRM",
"url": "http://bugs.gentoo.org/show_bug.cgi?id=216880"
},
{
"name": "ADV-2008-1310",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1310/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1694",
"datePublished": "2008-04-21T20:00:00",
"dateReserved": "2008-04-08T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30205 (GCVE-0-2024-30205)
Vulnerability from cvelistv5
Published
2024-03-25 00:00
Modified
2024-12-03 16:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-30205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-01T19:24:54.853994Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-494",
"description": "CWE-494 Download of Code Without Integrity Check",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T16:41:24.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.369Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=2bc865ace050ff118db43f01457f95f95112b877"
},
{
"name": "[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T17:06:43.213891",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=4255d5dcc0657915f90e4fba7e0a5514cced514d"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=2bc865ace050ff118db43f01457f95f95112b877"
},
{
"name": "[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-30205",
"datePublished": "2024-03-25T00:00:00",
"dateReserved": "2024-03-25T00:00:00",
"dateUpdated": "2024-12-03T16:41:24.224Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3421 (GCVE-0-2014-3421)
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117066: * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-08T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117066: * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117066: * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00055.html"
},
{
"name": "MDVSA-2015:117",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0250.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"name": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8",
"refsource": "CONFIRM",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3421",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.509Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0100 (GCVE-0-2005-0100)
Vulnerability from cvelistv5
Published
2005-02-08 05:00
Modified
2024-08-07 20:57
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:57:41.179Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9408",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408"
},
{
"name": "DSA-671",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-671"
},
{
"name": "FLSA-2006:152898",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/433928/30/5010/threaded"
},
{
"name": "DSA-670",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-670"
},
{
"name": "20050207 [USN-76-1] Emacs vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110780416112719\u0026w=2"
},
{
"name": "RHSA-2005:110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-110.html"
},
{
"name": "DSA-685",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2005/dsa-685"
},
{
"name": "xemacs-movemail-format-string(19246)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19246"
},
{
"name": "RHSA-2005:133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-133.html"
},
{
"name": "RHSA-2005:112",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-112.html"
},
{
"name": "12462",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12462"
},
{
"name": "MDKSA-2005:038",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:038"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:9408",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408"
},
{
"name": "DSA-671",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-671"
},
{
"name": "FLSA-2006:152898",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.securityfocus.com/archive/1/433928/30/5010/threaded"
},
{
"name": "DSA-670",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-670"
},
{
"name": "20050207 [USN-76-1] Emacs vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110780416112719\u0026w=2"
},
{
"name": "RHSA-2005:110",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-110.html"
},
{
"name": "DSA-685",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2005/dsa-685"
},
{
"name": "xemacs-movemail-format-string(19246)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19246"
},
{
"name": "RHSA-2005:133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-133.html"
},
{
"name": "RHSA-2005:112",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2005-112.html"
},
{
"name": "12462",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12462"
},
{
"name": "MDKSA-2005:038",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:038"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0100",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:9408",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9408"
},
{
"name": "DSA-671",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-671"
},
{
"name": "FLSA-2006:152898",
"refsource": "FEDORA",
"url": "http://www.securityfocus.com/archive/1/433928/30/5010/threaded"
},
{
"name": "DSA-670",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-670"
},
{
"name": "20050207 [USN-76-1] Emacs vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110780416112719\u0026w=2"
},
{
"name": "RHSA-2005:110",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-110.html"
},
{
"name": "DSA-685",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2005/dsa-685"
},
{
"name": "xemacs-movemail-format-string(19246)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19246"
},
{
"name": "RHSA-2005:133",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-133.html"
},
{
"name": "RHSA-2005:112",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2005-112.html"
},
{
"name": "12462",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12462"
},
{
"name": "MDKSA-2005:038",
"refsource": "MANDRAKE",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:038"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0100",
"datePublished": "2005-02-08T05:00:00",
"dateReserved": "2005-01-18T00:00:00",
"dateUpdated": "2024-08-07T20:57:41.179Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-1103 (GCVE-0-2012-1103)
Vulnerability from cvelistv5
Published
2012-09-25 23:00
Modified
2024-09-16 22:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:45:27.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://notmuchmail.org/news/release-0.11.1/"
},
{
"name": "52155",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/52155"
},
{
"name": "[oss-security] 20120304 Re: CVE request: notmuch",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/6"
},
{
"name": "DSA-2416",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2012/dsa-2416"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el"
},
{
"name": "[oss-security] 20120304 CVE request: notmuch",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/04/5"
},
{
"name": "48139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/48139"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-25T23:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://notmuchmail.org/news/release-0.11.1/"
},
{
"name": "52155",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/52155"
},
{
"name": "[oss-security] 20120304 Re: CVE request: notmuch",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/6"
},
{
"name": "DSA-2416",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2012/dsa-2416"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el"
},
{
"name": "[oss-security] 20120304 CVE request: notmuch",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/03/04/5"
},
{
"name": "48139",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/48139"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-1103",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://notmuchmail.org/news/release-0.11.1/",
"refsource": "CONFIRM",
"url": "http://notmuchmail.org/news/release-0.11.1/"
},
{
"name": "52155",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/52155"
},
{
"name": "[oss-security] 20120304 Re: CVE request: notmuch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/05/6"
},
{
"name": "DSA-2416",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2012/dsa-2416"
},
{
"name": "http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el",
"refsource": "CONFIRM",
"url": "http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el"
},
{
"name": "[oss-security] 20120304 CVE request: notmuch",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/03/04/5"
},
{
"name": "48139",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/48139"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-1103",
"datePublished": "2012-09-25T23:00:00Z",
"dateReserved": "2012-02-14T00:00:00Z",
"dateUpdated": "2024-09-16T22:56:49.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3423 (GCVE-0-2014-3423)
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:06.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117068: browse-url.el comment",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-08T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117068: browse-url.el comment",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html"
},
{
"name": "MDVSA-2015:117",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3423",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lisp/net/browse-url.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic.##### temporary file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20140507 Re: CVE Request - Predictable temporary filenames in GNU Emacs",
"refsource": "MLIST",
"url": "http://openwall.com/lists/oss-security/2014/05/07/7"
},
{
"name": "[emacs-diffs] 20140506 emacs-24 r117068: browse-url.el comment",
"refsource": "MLIST",
"url": "http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00057.html"
},
{
"name": "MDVSA-2015:117",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:117"
},
{
"name": "http://advisories.mageia.org/MGASA-2014-0250.html",
"refsource": "CONFIRM",
"url": "http://advisories.mageia.org/MGASA-2014-0250.html"
},
{
"name": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8",
"refsource": "MISC",
"url": "http://debbugs.gnu.org/cgi/bugreport.cgi?bug=17428#8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3423",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:06.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0271 (GCVE-0-2000-0271)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.581Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"name": "1125",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1125"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
},
{
"name": "1125",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1125"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0271",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf@mercury.rus.uni-stuttgart.de"
},
{
"name": "1125",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1125"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0271",
"datePublished": "2000-04-26T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.581Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2833 (GCVE-0-2007-2833)
Vulnerability from cvelistv5
Published
2007-06-21 20:00
Modified
2024-08-07 13:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:49:57.659Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2007/dsa-1316"
},
{
"name": "SUSE-SR:2007:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "1018277",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018277"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
},
{
"name": "USN-504-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-504-1"
},
{
"name": "24570",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24570"
},
{
"name": "MDKSA-2007:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
},
{
"name": "26987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26987"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.rpath.com/browse/RPL-1490"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-06-27T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1316",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2007/dsa-1316"
},
{
"name": "SUSE-SR:2007:019",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "1018277",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018277"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
},
{
"name": "USN-504-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-504-1"
},
{
"name": "24570",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24570"
},
{
"name": "MDKSA-2007:133",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
},
{
"name": "26987",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26987"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.rpath.com/browse/RPL-1490"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1316",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2007/dsa-1316"
},
{
"name": "SUSE-SR:2007:019",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2007_19_sr.html"
},
{
"name": "1018277",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018277"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929"
},
{
"name": "USN-504-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-504-1"
},
{
"name": "24570",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24570"
},
{
"name": "MDKSA-2007:133",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:133"
},
{
"name": "26987",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26987"
},
{
"name": "https://issues.rpath.com/browse/RPL-1490",
"refsource": "CONFIRM",
"url": "https://issues.rpath.com/browse/RPL-1490"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2833",
"datePublished": "2007-06-21T20:00:00",
"dateReserved": "2007-05-24T00:00:00",
"dateUpdated": "2024-08-07T13:49:57.659Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0825 (GCVE-0-2010-0825)
Vulnerability from cvelistv5
Published
2010-04-05 15:15
Modified
2024-08-07 00:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:39.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDVSA-2010:083",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:083"
},
{
"name": "emacs-emailhelper-symlink(57457)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57457"
},
{
"name": "USN-919-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-919-1"
},
{
"name": "39155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39155"
},
{
"name": "ADV-2010-0734",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0734"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+bug/531569"
},
{
"name": "ADV-2010-0952",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0952"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-03-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"name": "MDVSA-2010:083",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:083"
},
{
"name": "emacs-emailhelper-symlink(57457)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57457"
},
{
"name": "USN-919-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-919-1"
},
{
"name": "39155",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39155"
},
{
"name": "ADV-2010-0734",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0734"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.launchpad.net/ubuntu/+bug/531569"
},
{
"name": "ADV-2010-0952",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0952"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"ID": "CVE-2010-0825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDVSA-2010:083",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:083"
},
{
"name": "emacs-emailhelper-symlink(57457)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57457"
},
{
"name": "USN-919-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-919-1"
},
{
"name": "39155",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39155"
},
{
"name": "ADV-2010-0734",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0734"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+bug/531569",
"refsource": "CONFIRM",
"url": "https://bugs.launchpad.net/ubuntu/+bug/531569"
},
{
"name": "ADV-2010-0952",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0952"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2010-0825",
"datePublished": "2010-04-05T15:15:00",
"dateReserved": "2010-03-03T00:00:00",
"dateUpdated": "2024-08-07T00:59:39.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48338 (GCVE-0-2022-48338)
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2025-03-18 15:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.720Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c"
},
{
"name": "DSA-5360",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"name": "FEDORA-2023-5763445abe",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"name": "FEDORA-2023-29df561f1d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T15:21:17.361535Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T15:21:22.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-14T02:06:10.519Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=9a3b08061feea14d6f37685ca1ab8801758bfd1c"
},
{
"name": "DSA-5360",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"name": "FEDORA-2023-5763445abe",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"name": "FEDORA-2023-29df561f1d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48338",
"datePublished": "2023-02-20T00:00:00.000Z",
"dateReserved": "2023-02-20T00:00:00.000Z",
"dateUpdated": "2025-03-18T15:21:22.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30203 (GCVE-0-2024-30203)
Vulnerability from cvelistv5
Published
2024-03-25 00:00
Modified
2024-11-07 11:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Emacs before 29.3, Gnus treats inline MIME contents as trusted.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-30203",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-17T16:17:00.795450Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T11:03:21.383Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=937b9042ad7426acdcca33e3d931d8f495bdd804"
},
{
"name": "[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"name": "[oss-security] 20240411 Re: Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/5"
},
{
"name": "[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/6"
},
{
"name": "[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"name": "[oss-security] 20240410 Re: Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"name": "[oss-security] 20240408 Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, Gnus treats inline MIME contents as trusted."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:12:29.966784",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=937b9042ad7426acdcca33e3d931d8f495bdd804"
},
{
"name": "[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"name": "[oss-security] 20240411 Re: Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/5"
},
{
"name": "[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/6"
},
{
"name": "[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"name": "[oss-security] 20240410 Re: Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"name": "[oss-security] 20240408 Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-30203",
"datePublished": "2024-03-25T00:00:00",
"dateReserved": "2024-03-25T00:00:00",
"dateUpdated": "2024-11-07T11:03:21.383Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0270 (GCVE-0-2000-0270)
Vulnerability from cvelistv5
Published
2000-04-26 04:00
Modified
2024-08-08 05:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:14:20.384Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1126",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1126"
},
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-04-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-02-15T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1126",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1126"
},
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf%40mercury.rus.uni-stuttgart.de"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0270",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1126",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1126"
},
{
"name": "20000418 RUS-CERT Advisory 200004-01: GNU Emacs 20",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026date=2000-04-15\u0026msg=tg4s8zioxq.fsf@mercury.rus.uni-stuttgart.de"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0270",
"datePublished": "2000-04-26T04:00:00",
"dateReserved": "2000-04-26T00:00:00",
"dateUpdated": "2024-08-08T05:14:20.384Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-30204 (GCVE-0-2024-30204)
Vulnerability from cvelistv5
Published
2024-03-25 00:00
Modified
2024-11-04 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-30204",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-18T13:42:11.496611Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:34:51.409Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:25:03.423Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=6f9ea396f49cbe38c2173e0a72ba6af3e03b271c"
},
{
"name": "[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"name": "[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"name": "[oss-security] 20240410 Re: Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"name": "[oss-security] 20240408 Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-01T18:12:31.908377",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-29"
},
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29\u0026id=6f9ea396f49cbe38c2173e0a72ba6af3e03b271c"
},
{
"name": "[debian-lts-announce] 20240429 [SECURITY] [DLA 3801-1] emacs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00023.html"
},
{
"name": "[debian-lts-announce] 20240430 [SECURITY] [DLA 3802-1] org-mode security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00024.html"
},
{
"name": "[oss-security] 20240325 Re: GNU emacs 29.3 released to fix security issues",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/03/25/2"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/3"
},
{
"name": "[oss-security] 20240411 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/11/4"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/4"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/6"
},
{
"name": "[oss-security] 20240410 Re: Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/5"
},
{
"name": "[oss-security] 20240408 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/7"
},
{
"name": "[oss-security] 20240408 Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/08/3"
},
{
"name": "[oss-security] 20240410 Re: Is CVE-2024-30203 bogus? (Emacs)",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2024/04/10/6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-30204",
"datePublished": "2024-03-25T00:00:00",
"dateReserved": "2024-03-25T00:00:00",
"dateUpdated": "2024-11-04T16:34:51.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48339 (GCVE-0-2022-48339)
Vulnerability from cvelistv5
Published
2023-02-20 00:00
Modified
2025-03-18 15:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:10:59.748Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c"
},
{
"name": "DSA-5360",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"name": "FEDORA-2023-5763445abe",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"name": "FEDORA-2023-29df561f1d",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48339",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-18T15:19:02.543244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1116",
"description": "CWE-1116 Inaccurate Comments",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-18T15:19:50.352Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-14T02:06:12.105Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=1b4dc4691c1f87fc970fbe568b43869a15ad0d4c"
},
{
"name": "DSA-5360",
"tags": [
"vendor-advisory"
],
"url": "https://www.debian.org/security/2023/dsa-5360"
},
{
"name": "[debian-lts-announce] 20230509 [SECURITY] [DLA 3416-1] emacs security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00008.html"
},
{
"name": "FEDORA-2023-5763445abe",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6HDBUQNAH2WL4MHWCTUZLN7NGF7CHTK/"
},
{
"name": "FEDORA-2023-29df561f1d",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FLPQ4K6H2S5TY3L5UDN4K4B3L5RQJYQ6/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48339",
"datePublished": "2023-02-20T00:00:00.000Z",
"dateReserved": "2023-02-20T00:00:00.000Z",
"dateUpdated": "2025-03-18T15:19:50.352Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1000383 (GCVE-0-2017-1000383)
Vulnerability from cvelistv5
Published
2017-10-31 20:00
Modified
2024-08-05 22:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:41.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20171031 Fw: Security risk of vim swap files",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2017/10/31/1"
},
{
"name": "101671",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101671"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file (\"[ORIGINAL_FILENAME]~\") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-07T10:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20171031 Fw: Security risk of vim swap files",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2017/10/31/1"
},
{
"name": "101671",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101671"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-1000383",
"REQUESTER": "kurt@seifried.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file (\"[ORIGINAL_FILENAME]~\") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20171031 Fw: Security risk of vim swap files",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2017/10/31/1"
},
{
"name": "101671",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101671"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000383",
"datePublished": "2017-10-31T20:00:00",
"dateReserved": "2017-10-31T00:00:00",
"dateUpdated": "2024-08-05T22:00:41.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-2491 (GCVE-0-2023-2491)
Vulnerability from cvelistv5
Published
2023-05-17 00:00
Modified
2025-01-22 18:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:26:08.963Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2023-2491"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:3104"
},
{
"tags": [
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2023:2626"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-2491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-22T18:23:37.804357Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-22T18:23:43.462Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "emacs",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects emacs v26.1-9.el8 and emacs v27.2-8.el9, Fixed in emacs v26.1-10.el8_8.2 and emacs v27.2-8.el9_2.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the \"org-babel-execute:latex\" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 - Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-17T00:00:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2192873"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-2491"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:3104"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:2626"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2023-2491",
"datePublished": "2023-05-17T00:00:00.000Z",
"dateReserved": "2023-05-03T00:00:00.000Z",
"dateUpdated": "2025-01-22T18:23:43.462Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}