Lucene search
+L

6 matches found

CVE
CVE
added 2014/05/08 10:0 a.m.98 views

CVE-2014-3422

CVE-2014-3422 affects GNU Emacs 24.3 and earlier. The vulnerability allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/. Public documents (OpenVAS/Nessus/EulerOS advisories) confirm the existence and nature of the issue but do not specify a ve...

3.3CVSS6AI score0.00344EPSS
CVE
CVE
added 2014/05/08 10:0 a.m.92 views

CVE-2014-3421

CVE-2014-3421 affects GNU Emacs 24.3 and earlier. The vulnerability is in lisp/gnus/gnus-fun.el, enabling local users to overwrite arbitrary files via a symlink attack on /tmp/gnus.face.ppm. Connected sources (EMACS advisories) confirm the affected versions and the symlink-based overwrite vector;...

3.3CVSS6AI score0.00344EPSS
CVE
CVE
added 2014/05/08 10:0 a.m.75 views

CVE-2014-3423

CVE-2014-3423 affects GNU Emacs 24.3 and earlier, where lisp/net/browse-url.el allows local users to overwrite arbitrary files via a symlink attack on a /tmp/Mosaic temporary file. The connected sources confirm this local-privilege issue and describe the exact path and file involved, but do not p...

3.3CVSS6AI score0.00341EPSS
CVE
CVE
added 2007/06/21 8:0 p.m.71 views

CVE-2007-2833

CVE-2007-2833 affects GNU Emacs 21; user-assisted attackers could crash Emacs by crafting GIF images in VM mode due to an image-size calculation issue. Mitigations are available via vendor advisories (Debian DSA-1316-1, Ubuntu USN-504-1, SUSE patches, Mandriva MDKSA-2007:133, etc.). OpenVAS/Red H...

7.8CVSS6AI score0.01962EPSS
CVE
CVE
added 2012/01/19 3:0 p.m.68 views

CVE-2012-0035

CVE-2012-0035 is an untrusted search path vulnerability in EDE (CEDET) that allows a local user to escalate privileges by crafting a Project.ede file loaded from a project directory. The issue affects CEDET’s EDE in Emacs contexts (notably Emacs 23.x with CEDET before 1.0.1); analysis from Gentoo...

9.3CVSS6.2AI score0.02723EPSS
CVE
CVE
added 2014/05/08 10:0 a.m.65 views

CVE-2014-3424

CVE-2014-3424 affects GNU Emacs 24.3 and earlier. The vulnerability is in lisp/net/tramp-sh.el, where a symlink attack on a /tmp/tramp-XXXXX temporary file allows a local user to overwrite arbitrary files. CVSSv2 from NVD shows base score 3.3 (AV:L, AC:M, I:P, A:P; no confidentiality impact). Con...

3.3CVSS6AI score0.00344EPSS