CVE-2007-6109
https://notcve.org/view.php?id=CVE-2007-6109
Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line. Un desbordamiento de búfer en la región stack de la memoria en emacs, permite a los atacantes asistidos por el usuario causar una denegación de servicio (bloqueo de aplicación) y posiblemente tener otro impacto no especificado por medio de un valor de gran precisión en un especificador de cadena de formato de enteros para la función format, como es demostrado por medio de una determinada línea de comandos "emacs -batch -eval". • http://bugs.gentoo.org/show_bug.cgi?id=200297 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html http://secunia.com/advisories/27965 http://secunia.com/advisories/27984 http://secunia.com/advisories/28838 http://secunia.com/advisories/29420 http://secunia.com/advisories/30109 http://security.gentoo.org/glsa/glsa-200712-03.xml htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5795 – GNU Emacs 22.1 - Local Variable Handling Code Execution
https://notcve.org/view.php?id=CVE-2007-5795
The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration. La función hack-local-variables en el Emacs anterior al 22.2, cuando el enable-local-variables está establecido a :safe, no busca correctamente las listas de las variables no seguras o de riesgo, lo que permite a permite a atacantes con la intervención del usuario evitar las restricciones y modificar variables de programa críticas a través de un fichero que contiene declaraciones de variables Locales. • https://www.exploit-db.com/exploits/30736 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449008 http://bugs.gentoo.org/show_bug.cgi?id=197958 http://cvs.savannah.gnu.org/viewvc/emacs/emacs/lisp/files.el?r1=1.896.2.28&r2=1.896.2.29 http://docs.info.apple.com/article.html?artnum=307562 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html http://osvdb.org/42060 http://secunia.com/advisories/27508 http://secunia.com/advisories/27627 http:& •
CVE-2007-2833
https://notcve.org/view.php?id=CVE-2007-2833
Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation. Emacs 21 permite a atacantes con la intervención del usuario provocar una denegación de servicio (caída) a través de ciertas imágenes modificadas, como lo demostrado a través de imágenes GIF en el modo vm, relacionado con el cálculo del tamaño de la imagen. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929 http://secunia.com/advisories/26987 http://www.debian.org/security/2007/dsa-1316 http://www.mandriva.com/security/advisories?name=MDKSA-2007:133 http://www.novell.com/linux/security/advisories/2007_19_sr.html http://www.securityfocus.com/bid/24570 http://www.securitytracker.com/id?1018277 http://www.ubuntu.com/usn/usn-504-1 https://issues.rpath.com/browse/RPL-1490 •
CVE-2005-0100
https://notcve.org/view.php?id=CVE-2005-0100
Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. • http://marc.info/?l=bugtraq&m=110780416112719&w=2 http://www.debian.org/security/2005/dsa-670 http://www.debian.org/security/2005/dsa-671 http://www.debian.org/security/2005/dsa-685 http://www.mandriva.com/security/advisories?name=MDKSA-2005:038 http://www.redhat.com/support/errata/RHSA-2005-110.html http://www.redhat.com/support/errata/RHSA-2005-112.html http://www.redhat.com/support/errata/RHSA-2005-133.html http://www.securityfocus.com/archive/1/433928/3 •
CVE-2003-1232 – Emacs 2.1 - Local Variable Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2003-1232
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. • https://www.exploit-db.com/exploits/26492 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183 http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en&lr=&ie=UTF-8&oe=UTF-8&rnum=1&prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html http://secunia.com •