Stack-Based Buffer Overflow in Emacs Affects Wide Range of Distributions
CVE-2007-6109

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs
Vendor: CVE Published:; 7 December 2007

Summary

A stack-based buffer overflow vulnerability exists in Emacs, enabling user-assisted attackers to trigger application crashes resulting in denial of service. This can occur when an attacker crafts a large precision value in an integer format string specifier for the format function, specifically executable via the command line using 'emacs -batch -eval'. If exploited, this vulnerability may lead to additional unspecified impacts on the system.

References

http://secunia.com/advisories/27965

third-party-advisoryx_refsource_SECUNIA

https://usn.ubuntu.com/607-1/

vendor-advisoryx_refsource_UBUNTU

http://secunia.com/advisories/27984

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Dec 7, 2007
Vulnerability Reserved
Nov 23, 2007