Search CVE reports
21 – 30 of 33 results
CVE-2012-3479
Medium prioritySome fixes available 8 of 15
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute...
6 affected packages
emacs-snapshot, emacs21, emacs22, emacs23, emacs24, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs-snapshot | — | — | — | — | — |
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| emacs23 | — | — | — | — | — |
| emacs24 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |
CVE-2012-0035
Low prioritySome fixes available 2 of 7
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or...
3 affected packages
cedet, emacs22, emacs23
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| cedet | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| emacs23 | — | — | — | — | — |
CVE-2010-0825
Medium prioritySome fixes available 15 of 25
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
4 affected packages
emacs21, emacs22, emacs23, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| emacs23 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |
CVE-2009-2688
Medium priorityMultiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a...
1 affected packages
xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| xemacs21 | — | — | — | — | — |
CVE-2008-4952
Low priorityemacs-jabber in emacs-jabber 0.7.91 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/*.log temporary file.
1 affected packages
emacs-jabber
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs-jabber | — | — | — | — | — |
CVE-2008-4191
Low priorityextract-table.pl in Emacspeak 26 and 28 allows local users to overwrite arbitrary files via a symlink attack on the extract-table.csv temporary file.
1 affected packages
emacspeak
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacspeak | — | — | — | — | — |
CVE-2008-3949
Low priorityemacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.
2 affected packages
emacs21, emacs22
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
CVE-2008-2142
Low priorityEmacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
3 affected packages
emacs21, emacs22, xemacs21-packages
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| xemacs21-packages | — | — | — | — | — |
CVE-2008-1694
Low priorityvcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
3 affected packages
emacs21, emacs22, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |
CVE-2007-6109
Medium prioritySome fixes available 5 of 6
Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to...
3 affected packages
emacs21, emacs22, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |