Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2012-1103HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-1103
2022-10-0316:15:27
Debian Security Bug Tracker
security-tracker.debian.org
7
cve-2012-1103
notmuch
emacs interface
remote attackers
arbitrary files
mml tags
email reply
security vulnerability
unix
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.9%
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | notmuch | < 0.11.1-1 | notmuch_0.11.1-1_all.deb |
| Debian | 11 | all | notmuch | < 0.11.1-1 | notmuch_0.11.1-1_all.deb |
| Debian | 999 | all | notmuch | < 0.11.1-1 | notmuch_0.11.1-1_all.deb |
| Debian | 13 | all | notmuch | < 0.11.1-1 | notmuch_0.11.1-1_all.deb |
Related
ubuntucve
ubuntucve
CVE-2012-1103
2012-09-25 00:00:00
cvelist
cvelist
CVE-2012-1103
2022-10-03 16:15:27
cve
cve
CVE-2012-1103
2022-10-03 16:15:27
openvas
openvas
Debian: Security Advisory (DSA-2416-1)
2012-03-12 00:00:00
Debian Security Advisory DSA 2416-1 (notmuch)
2012-03-12 00:00:00
prion
prion
Authentication flaw
2012-09-25 23:55:00
nvd
nvd
CVE-2012-1103
2012-09-25 23:55:01
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
74.9%
Related for DEBIANCVE:CVE-2012-1103