Symlink Vulnerability in Emacs and XEmacs Allowing File Modifications
CVE-2001-1301

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs; Xemacs
Vendor: CVE Published:; 7 August 2001

What is CVE-2001-1301?

The rcs2log utility, used in versions of Emacs 20.4 and XEmacs 21.1.10 prior to 21.4, is prone to a vulnerability that allows local users to manipulate files owned by other users through the exploitation of a symlink attack targeting temporary files. This could lead to unauthorized access and modifications to sensitive data, highlighting the importance of securing temporary file handling in applications.

References

http://archives.neohapsis.com/archives/bugtraq/2001-08/00...

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/11210.php

vdb-entryx_refsource_XF

http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-s...

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
May 1, 2002
Vulnerability published
Aug 7, 2001

Gnu

What is CVE-2001-1301?

References

Timeline