8 matches found
Linux Distros Unpatched Vulnerability : CVE-2008-1694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files. CVE-2008-1694 Not...
RHEL 5 : emacs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - emacs: command injection flaw within enriched mode handling CVE-2017-14482 - vcdiff in Emacs 20.7 to...
Mandriva Update for emacs MDVSA-2008:096 (emacs)
Check for the Version of emacs OpenVAS Vulnerability Test Mandriva Update for emacs MDVSA-2008:096 emacs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Mandriva Update for emacs MDVSA-2008:096 (emacs)
Check for the Version of emacs OpenVAS Vulnerability Test Mandriva Update for emacs MDVSA-2008:096 emacs Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Ubuntu: Security Advisory (USN-607-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GNU Emacs创建不安全临时文件漏洞
BUGTRAQ ID: 28857 CVECAN ID: CVE-2008-1694 Emacs是一个可扩展的实时显示编辑器。 Emacs的vcdiff工具(lib-src/vcdiff)以不安全的方式使用临时文件,这允许本地攻击者通过符号链接攻击以运行vcdiff用户的权限写入任意文件。 GNU Emacs 20.7 - 22.1.50 GNU --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lib-src/vcdiff?view=log...
CVE-2008-1694
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2008-1694
CVE-2008-1694 concerns the vcdiff component in Emacs versions 20.7 through 22.1.50 when used with SCCS. The underlying issue is insecure handling of temporary files in the vcdiff script, enabling a local attacker to overwrite arbitrary files via a symlink race condition. Public advisories confirm...