CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
85.5%
Stack-based buffer overflow in emacs allows user-assisted attackers to
cause a denial of service (application crash) and possibly have unspecified
other impact via a large precision value in an integer format string
specifier to the format function, as demonstrated via a certain “emacs
-batch -eval” command line.
Author | Note |
---|---|
jdstrand | debian patch had regression. Also see http://bugs.debian.org/456235 per gentoo, xemacs21 21.4.x not affected, but 21.5 is. Verified all releases not affected |