Описание
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2012-1103
- http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el
- http://notmuchmail.org/news/release-0.11.1
- http://secunia.com/advisories/48139
- http://www.debian.org/security/2012/dsa-2416
- http://www.openwall.com/lists/oss-security/2012/03/04/5
- http://www.openwall.com/lists/oss-security/2012/03/05/6
- http://www.securityfocus.com/bid/52155
Связанные уязвимости
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs in ...