Описание
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
Ссылки
- Patch
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 91%
0.06477
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
больше 21 года назад
Emacs 21.2.1 does not prompt or warn the user before executing Lisp co ...
github
больше 3 лет назад
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
EPSS
Процентиль: 91%
0.06477
Низкий
5.1 Medium
CVSS2
Дефекты
NVD-CWE-Other