CVE-2012-0035

Currently unrated

Key Information:

Vendor: Gnu
Status: Emacs; Cedet
Vendor: CVE Published:; 19 January 2012

Summary

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.

References

http://openwall.com/lists/oss-security/2012/01/10/2

mailing-listx_refsource_MLIST

http://sourceforge.net/mailarchive/message.php?msg_id=286...

mailing-listx_refsource_MLIST

http://secunia.com/advisories/47311

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Jan 19, 2012
Vulnerability Reserved
Dec 7, 2011