CVE-2014-3422

Опубликовано: 08 мая 2014

Источник: debian

Описание

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
emacs23	removed			package
emacs23	no-dsa		wheezy	package
emacs23	no-dsa		squeeze	package
emacs24	fixed	24.3+1-4		package
xemacs21-packages	not-affected			package

Примечания

http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html

Связанные уязвимости

CVE-2014-3422

ubuntu

больше 11 лет назад

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

CVE-2014-3422

redhat

почти 12 лет назад

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

CVE-2014-3422

nvd

больше 11 лет назад

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

GHSA-8pgq-966c-5f7q

github

больше 3 лет назад

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

SUSE-SU-2015:0834-1

suse-cvrf

почти 11 лет назад

Security update for emacs