Описание
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | ignored | end of life |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| hardy | ignored | end of life |
| lucid | not-affected | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | DNE | |
| raring | DNE | |
| saucy | DNE | |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 23.4+1-4ubuntu1 |
| hardy | DNE | |
| lucid | not-affected | 23.1+1-4ubuntu7.3 |
| natty | ignored | |
| oneiric | released | 23.3+1-1ubuntu4.1 |
| precise | released | 23.3+1-1ubuntu9.1 |
| quantal | released | 23.4+1-4ubuntu1 |
| raring | released | 23.4+1-4ubuntu1 |
| saucy | released | 23.4+1-4ubuntu1 |
| upstream | released | 23.4+1-4 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 24.1+1-2ubuntu3 |
| hardy | DNE | |
| lucid | DNE | |
| natty | DNE | |
| oneiric | DNE | |
| precise | DNE | |
| quantal | released | 24.1+1-2ubuntu3 |
| raring | released | 24.1+1-2ubuntu3 |
| saucy | released | 24.1+1-2ubuntu3 |
| upstream | released | 24.2+1-1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| hardy | ignored | end of life |
| lucid | not-affected | |
| natty | not-affected | |
| oneiric | not-affected | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | not-affected | |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically execut ...
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
EPSS
6.8 Medium
CVSS2