Symlink Attack Vulnerability in Emacs Products from GNU
CVE-2010-0825

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs
Vendor: CVE Published:; 5 April 2010

What is CVE-2010-0825?

The vulnerability identified in Emacs versions 22 and 23 allows local users to exploit improper file permission checks on mailbox files. By leveraging a symlink attack, unauthorized users can read, modify, or delete mailbox files, potentially compromising the integrity and confidentiality of sensitive information. This necessitates immediate attention to security practices and prompt updates to safeguard against such threats.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

https://exchange.xforce.ibmcloud.com/vulnerabilities/57457

vdb-entryx_refsource_XF

http://www.ubuntu.com/usn/USN-919-1

vendor-advisoryx_refsource_UBUNTU

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 5, 2010
Vulnerability Reserved
Mar 3, 2010

Gnu

What is CVE-2010-0825?

References

Timeline