Download
| Alert*
|
oval:org.secpod.oval:def:701027
emacs23: The GNU Emacs editor Emacs could be made to run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:21811 The host is installed with Emacs 24.3 and earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack on a /tmp/Mosaic temporary file. Successful exploitation allows local users to overwrite arbitrary files. oval:org.secpod.oval:def:21812 The host is installed with Emacs 24.3 and earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack on a /tmp/tramp temporary file. Successful exploitation allows local users to overwrite arbitrary files. oval:org.secpod.oval:def:21810 The host is installed with Emacs 24.3 and earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack on a temporary file under /tmp/esrc/. Successful exploitation allows local users to overwrite arbitrary files. oval:org.secpod.oval:def:21809 The host is installed with Emacs 24.3 and earlier and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle a symlink attack on the /tmp/gnus.face.ppm temporary file. Successful exploitation allows local users to overwrite arbitrary files. oval:org.secpod.oval:def:107040 Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language , and the capability to read mail, news, and more without leaving the editor. This package provides an emacs binary with support for X windows. oval:org.secpod.oval:def:1300306 Updated emacs packages fix security vulnerabilities: Steve Kemp discovered multiple temporary file handling issues in Emacs. A local attacker could use these flaws to perform symbolic link attacks against users running Emacs . |
