CVE-2008-1694

CVE-2008-1694 concerns the vcdiff component in Emacs versions 20.7 through 22.1.50 when used with SCCS. The underlying issue is insecure handling of temporary files in the vcdiff script, enabling a local attacker to overwrite arbitrary files via a symlink race condition. Public advisories confirm...