Local File Overwrite Vulnerability in Emacs Software by GNU
CVE-2008-1694

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs; Sccs
Vendor: CVE Published:; 22 April 2008

Summary

A vulnerability exists in GNU Emacs, specifically in the vcdiff component. When utilized in conjunction with the SCCS tool, this flaw permits local users to exploit a symlink attack on temporary files. By doing so, an unauthorized user may overwrite arbitrary files, potentially compromising system integrity and user data.

References

https://usn.ubuntu.com/607-1/

vendor-advisoryx_refsource_UBUNTU

http://secunia.com/advisories/29905

third-party-advisoryx_refsource_SECUNIA

https://bugzilla.redhat.com/show_bug.cgi?id=208483

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 22, 2008
Vulnerability Reserved
Apr 8, 2008