CVE-2008-1694
Published: 22 April 2008
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
emacs21 Launchpad, Ubuntu, Debian |
dapper |
Released
(21.4a-3ubuntu2.2)
|
| feisty |
Released
(21.4a+1-2ubuntu1.2)
|
|
| gutsy |
Released
(21.4a+1-5ubuntu4.1)
|
|
| hardy |
Released
(21.4a+1-5.3ubuntu1.1)
|
|
| intrepid |
Not vulnerable
(21.4a+1-5.4ubuntu1)
|
|
| jaunty |
Not vulnerable
(21.4a+1-5.4ubuntu1)
|
|
| karmic |
Does not exist
|
|
| upstream |
Released
(21.4a+1-5.4)
|
|
|
emacs22 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| feisty |
Does not exist
|
|
| gutsy |
Released
(22.1-0ubuntu5.2)
|
|
| hardy |
Released
(22.1-0ubuntu10.1)
|
|
| intrepid |
Released
(22.2-0ubuntu2)
|
|
| jaunty |
Released
(22.2-0ubuntu2)
|
|
| karmic |
Released
(22.2-0ubuntu2)
|
|
| upstream |
Released
(22.2+2-2)
|
|
|
xemacs21 Launchpad, Ubuntu, Debian |
dapper |
Released
(21.4.18-1ubuntu1.1)
|
| feisty |
Released
(21.4.19-2ubuntu0.1)
|
|
| gutsy |
Released
(21.4.20-1.1ubuntu0.1)
|
|
| hardy |
Released
(21.4.21-1ubuntu3.1)
|
|
| intrepid |
Not vulnerable
(21.4.21-4ubuntu1)
|
|
| jaunty |
Not vulnerable
(21.4.21-4ubuntu1)
|
|
| karmic |
Not vulnerable
(21.4.22-2ubuntu1)
|
|
| upstream |
Released
(21.4.21-4)
|