Symlink Vulnerability in Emacs 20 by GNU
CVE-2000-0270

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs
Vendor: CVE Published:; 18 April 2000

What is CVE-2000-0270?

The make-temp-name Lisp function in Emacs 20 generates temporary files with easily predictable names. This design flaw can be exploited by attackers to perform symlink attacks, potentially redirecting file operations to unauthorized locations. This vulnerability emphasizes the importance of using secure naming conventions for temporary files to mitigate risks associated with unauthorized access and modification of sensitive data.

References

http://www.securityfocus.com/bid/1126

vdb-entryx_refsource_BID

http://www.securityfocus.com/templates/archive.pike?list=...

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Apr 26, 2000
Vulnerability published
Apr 18, 2000

Gnu

What is CVE-2000-0270?

References

Timeline