Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1586-1
HistorySep 27, 2012 - 12:00 a.m.

Emacs vulnerabilities

2012-09-2700:00:00
ubuntu.com
54

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON

Releases

  • Ubuntu 12.04
  • Ubuntu 11.10

Packages

  • emacs23 - The GNU Emacs editor (with GTK+ user interface)

Details

Hiroshi Oota discovered that Emacs incorrectly handled search paths. If a
user were tricked into opening a file with Emacs, a local attacker could
execute arbitrary Lisp code with the privileges of the user invoking the
program. (CVE-2012-0035)

Paul Ling discovered that Emacs incorrectly handled certain eval forms in
local-variable sections. If a user were tricked into opening a specially
crafted file with Emacs, a remote attacker could execute arbitrary Lisp
code with the privileges of the user invoking the program. (CVE-2012-3479)

Related

openvas 18
nessus 14
fedora 4
gentoo 3
debiancve 1
debian 1
nvd 2
cve 2
kaspersky 1
prion 2
cvelist 2
ubuntucve 2
freebsd 1
securityvulns 2
slackware 1
osv 2
openvas
openvas
Fedora Update for emacs FEDORA-2012-11872
2012-08-24 00:00:00
Fedora Update for emacs FEDORA-2012-11872
2012-08-24 00:00:00
Gentoo Security Advisory GLSA 201403-05
2015-09-29 00:00:00
nessus
nessus
GLSA-201403-05 : GNU Emacs: Multiple vulnerabilities
2014-03-21 00:00:00
Ubuntu 11.10 / 12.04 LTS : emacs23 vulnerabilities (USN-1586-1)
2012-09-28 00:00:00
Mandriva Linux Security Advisory : emacs (MDVSA-2013:076)
2013-04-20 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: emacs-23.3-10.fc16
2012-08-22 20:58:06
[SECURITY] Fedora 16 Update: emacs-23.3-9.fc16
2012-01-23 21:57:59
[SECURITY] Fedora 15 Update: emacs-23.3-8.fc15
2012-01-23 21:57:25
gentoo
gentoo
GNU Emacs: Multiple vulnerabilities
2014-03-20 00:00:00
EDE: Privilege escalation
2018-12-06 00:00:00
CEDET: Privilege escalation
2014-01-27 00:00:00
debiancve
debiancve
CVE-2012-3479
2012-08-25 10:29:00
debian
debian
[SECURITY] [DSA 2603-1] emacs23 security update
2013-01-09 19:02:30
nvd
nvd
CVE-2012-3479
2012-08-25 10:29:51
CVE-2012-0035
2012-01-19 15:55:00
cve
cve
CVE-2012-0035
2012-01-19 15:55:00
CVE-2012-3479
2012-08-25 10:29:51
kaspersky
kaspersky
KLA10170 LPE vulnerability in Emacs
2012-01-19 00:00:00
prion
prion
Design/Logic Flaw
2012-01-19 15:55:00
Code injection
2012-08-25 10:29:00
cvelist
cvelist
CVE-2012-0035
2012-01-19 15:00:00
CVE-2012-3479
2012-08-25 10:00:00
ubuntucve
ubuntucve
CVE-2012-0035
2012-01-19 00:00:00
CVE-2012-3479
2012-08-25 00:00:00
freebsd
freebsd
emacs -- remote code execution vulnerability
2012-08-13 00:00:00
securityvulns
securityvulns
emacs protection bypass
2012-08-20 00:00:00
[slackware-security] emacs (SSA:2012-228-02)
2012-08-20 00:00:00
slackware
slackware
[slackware-security] emacs
2012-08-16 06:32:59
osv
osv
emacs23 - programming error
2013-01-09 00:00:00
emacs-25.1-1.1 on GA media
2024-06-15 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7

Confidence

Low

EPSS

0.013

Percentile

86.0%

JSON
Related for USN-1586-1
openvas18nessus14fedora4gentoo3debiancve1debian1nvd2cve2kaspersky1prion2cvelist2ubuntucve2freebsd1securityvulns2slackware1osv2