224 matches found
Debian DSA-811-2 : common-lisp-controller - design error
The bugfix for the problem mentioned below contained an error that caused third-party programs to fail. The problem is corrected by this update. For completeness we're including the original advisory text : Francois-Rene Rideau discovered a bug in common-lisp-controller, a Common Lisp source and...
CVE-2003-1232
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable...
CVE-2000-0270
The CVE affects Emacs 20’s make-temp-name Lisp function, which creates temporary files with predictable names, enabling a symlink attack. This is described by CVE-2000-0270 in NVD; connected sources note the same vulnerability. The available documents do not specify a patch version or workaround....
CVE-2000-0271
In CVE-2000-0271, Emacs 20’s read-passwd and related Lisp functions do not properly clear the history of recently typed keys. This can allow an attacker to read unencrypted passwords stored in the command history. The issue is rooted in the Lisp password/history handling within Emacs 20. The prov...