Search CVE reports
21 – 27 of 27 results
CVE-2008-3949
Low priorityemacs/lisp/progmodes/python.el in Emacs 22.1 and 22.2 imports Python script from the current working directory during editing of a Python file, which allows local users to execute arbitrary code via a Trojan horse Python file.
2 affected packages
emacs21, emacs22
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
CVE-2008-2142
Low priorityEmacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
3 affected packages
emacs21, emacs22, xemacs21-packages
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| xemacs21-packages | — | — | — | — | — |
CVE-2008-1694
Low priorityvcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
3 affected packages
emacs21, emacs22, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |
CVE-2007-6109
Medium prioritySome fixes available 5 of 6
Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to...
3 affected packages
emacs21, emacs22, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |
CVE-2007-5795
Low priorityThe hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended...
2 affected packages
emacs21, emacs22
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| emacs22 | — | — | — | — | — |
CVE-2007-2833
Unknown priorityEmacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.
1 affected packages
emacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
CVE-2005-0100
Unknown priorityFormat string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets.
2 affected packages
emacs21, xemacs21
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| emacs21 | — | — | — | — | — |
| xemacs21 | — | — | — | — | — |