Remote Code Execution in GNU Emacs by Exploiting Email Processing
CVE-2017-14482

8.8HIGH

Key Information:

Vendor
Gnu
Status
Emacs
Vendor
CVE Published:
14 September 2017

Summary

GNU Emacs versions prior to 25.3 are susceptible to a vulnerability that enables remote attackers to execute arbitrary code. This arises from the unsafe handling of email content with the 'Content-Type: text/enriched' header, where specifically crafted inputs can lead to the execution of shell commands. Users are particularly at risk when they read malicious email messages or Usenet articles. Attackers can leverage the unsafe extensions within lisp/textmodes/enriched.el and Gnus support for inline MIME objects in lisp/gnus/mm-view.el to compromise the Emacs environment instantly.

References

http://www.debian.org/security/2017/dsa-3975
vendor-advisoryx_refsource_DEBIAN
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=ema...
x_refsource_CONFIRM
https://www.debian.org/security/2017/dsa-3970
vendor-advisoryx_refsource_DEBIAN

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.