Symlink Attack Vulnerability in Emacs Products from GNU
CVE-2010-0825

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs
Vendor: CVE Published:; 5 April 2010

Summary

The vulnerability identified in Emacs versions 22 and 23 allows local users to exploit improper file permission checks on mailbox files. By leveraging a symlink attack, unauthorized users can read, modify, or delete mailbox files, potentially compromising the integrity and confidentiality of sensitive information. This necessitates immediate attention to security practices and prompt updates to safeguard against such threats.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

https://exchange.xforce.ibmcloud.com/vulnerabilities/57457

vdb-entryx_refsource_XF

http://www.ubuntu.com/usn/USN-919-1

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
Apr 5, 2010
Vulnerability Reserved
Mar 3, 2010