CVE-2014-3422

Currently unrated

Key Information:

Vendor
Gnu
Status
Emacs
Vendor
CVE Published:
8 May 2014

Summary

lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.

References

http://openwall.com/lists/oss-security/2014/05/07/7
mailing-listx_refsource_MLIST
http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://advisories.mageia.org/MGASA-2014-0250.html
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.