Emacs vulnerability

2007-11-1300:00:00

ubuntu.com

7.2 High

AI Score

Confidence

Low

6.3 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:C/A:C

0.001 Low

EPSS

Percentile

38.1%

JSON

Releases

Ubuntu 7.10

Packages

emacs22 -

Details

Drake Wilson discovered that Emacs did not correctly handle the safe
mode of “enable-local-variables”. If a user were tricked into opening
a specially crafted file while “enable-local-variables” was set to the
non-default “:safe”, a remote attacker could execute arbitrary commands
with the user’s privileges.

OSVersionArchitecturePackageVersionFilename
Ubuntu7.10noarchemacs22< 22.1-0ubuntu5.1UNKNOWN
Ubuntu7.10noarchemacs22-bin-common< 22.1-0ubuntu5.1UNKNOWN
Ubuntu7.10noarchemacs22-gtk< 22.1-0ubuntu5.1UNKNOWN
Ubuntu7.10noarchemacs22-nox< 22.1-0ubuntu5.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	7.10	noarch	emacs22	< 22.1-0ubuntu5.1	UNKNOWN
Ubuntu	7.10	noarch	emacs22-bin-common	< 22.1-0ubuntu5.1	UNKNOWN
Ubuntu	7.10	noarch	emacs22-gtk	< 22.1-0ubuntu5.1	UNKNOWN
Ubuntu	7.10	noarch	emacs22-nox	< 22.1-0ubuntu5.1	UNKNOWN