Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-0035
HistoryJan 19, 2012 - 12:00 a.m.

CVE-2012-0035

2012-01-1900:00:00
ubuntu.com
ubuntu.com
5

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

51.0%

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used
in GNU Emacs before 23.4 and other products, allows local users to gain
privileges via a crafted Lisp expression in a Project.ede file in the
directory, or a parent directory, of an opened file.

Bugs

Notes

Author Note
sbeattie cedet was merged into emacs in 23.2
mdeslaur natty is too close to EoL to be worth difficult backport, ignoring
OSVersionArchitecturePackageVersionFilename
ubuntu11.10noarchemacs23< 23.3+1-1ubuntu4.1UNKNOWN
ubuntu12.04noarchemacs23< 23.3+1-1ubuntu9.1UNKNOWN

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

51.0%