Download
| Alert*
USN-919-1 -- emacs22, emacs23 vulnerability
Dan Rosenberg discovered that the email helper in Emacs did not correctly check file permissions. A local attacker could perform a symlink race to read or append to another user"s mailbox if it was stored under a group-writable group-"mail" directory.
|