378 matches found
Debian Security Advisory DSA 337-1 (semi, wemi)
The remote host is missing an update to semi, wemi announced via advisory DSA 337-1. OpenVAS Vulnerability Test $Id: deb3371.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 337-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-430)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 10 Security Update : GNU Emacs (ZYPP Patch Number 4190)
This update fixes a bug in parsing GIF images that lead to a crash of emacs. CVE-2007-2833 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29416;...
GLSA-200712-03 : GNU Emacs: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200712-03 GNU Emacs: Multiple vulnerabilities Drake Wilson reported that the hack-local-variables function in GNU Emacs 22 does not properly match assignments of local variables in a file against a list of unsafe or risky variable...
GNU Emacs: Multiple vulnerabilities
Background GNU Emacs is a highly extensible and customizable text editor. Description Drake Wilson reported that the hack-local-variables function in GNU Emacs 22 does not properly match assignments of local variables in a file against a list of unsafe or risky variables, allowing to override the...
TRAMP: Insecure temporary file creation
Background TRAMP is a remote file editing package for GNU Emacs, a highly extensible and customizable text editor. Description Stefan Monnier discovered that the tramp-make-tramp-temp-file function creates temporary files in an insecure manner. Impact A local attacker could create symbolic links ...
GNU emacs DoS
Crash on images processing...
DSA-1316-1 emacs21
Bulletin has no description...
Emacs, XEmacs: Format string vulnerabilities in movemail
Background GNU Emacs and XEmacs are highly extensible and customizable text editors. movemail is an Emacs utility that can fetch mail on remote mail servers. Description Max Vozeler discovered that the movemail utility contains several format string errors. Impact An attacker could set up a...
Debian DSA-339-1 : semi - insecure temporary file
NOTE: due to a combination of administrative problems, this advisory was erroneously released with the identifier 'DSA-337-1'. DSA-337-1 correctly refers to an earlier advisory regarding gtksee. semi, a MIME library for GNU Emacs, does not take appropriate security precautions when creating...
Debian DSA-430-1 : trr19 - missing privilege release
Steve Kemp discovered a problem in trr19, a type trainer application for GNU Emacs, which is written as a pair of setgid binaries and wrapper programs which execute commands for GNU Emacs. However, the binaries don't drop privileges before executing a command, allowing an attacker to gain access ...
RHEL 2.1 : semi (RHSA-2003:231)
Updated semi packages that fix vulnerabilities in semi's temporary file handling are now available. semi is a MIME library for GNU Emacs and XEmacs used by the wl mail package. A vulnerability in semi version 1.14.3 and earlier allows an attacker to overwrite arbitrary files with potentially...
DSA-430 trr19 - missing privilege release
Bulletin has no description...
Low: Red Hat Security Advisory: semi security update
Updated semi packages that fix vulnerabilities in semi's temporary file handling are now available. semi is a MIME library for GNU Emacs and XEmacs used by the wl mail package. A vulnerability in semi version 1.14.3 and earlier allows an attacker to overwrite arbitrary files with potentially...
DSA-339 semi - insecure temporary file
Bulletin has no description...
RUS-CERT.200004-01.txt
RUS-CERT Advisory 200004-01: GNU Emacs 20 RUS-CERT, University of Stuttgart 2000-04-18 Summary Several vulnerabilities were discovered in all Emacs versions up to 20.6, namely: Under certain circumstances, unprivileged local users can eavesdrop the communication between Emacs and its subprocesses...
Уязвимости GNU Emacs
В программах, основанных на Emacs можно контролировать PTY пользователя, небезопасно создаются временные файлы легко угадываемое имя, хранится последовательность нажатых клавиш, что позволяет извлечь пароль пользователя...
RUS-CERT Advisory 200004-01: GNU Emacs 20
RUS-CERT Advisory 200004-01: GNU Emacs 20 RUS-CERT, University of Stuttgart 2000-04-18 Summary Several vulnerabilities were discovered in all Emacs versions up to 20.6, namely: Under certain circumstances, unprivileged local users can eavesdrop the communication between Emacs and its subprocesses...