2 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

Format string vulnerability in the movemail utility in (1) Emacs 20.x, 21.3, and possibly other versions, and (2) XEmacs 21.4 and earlier, allows remote malicious POP3 servers to execute arbitrary code via crafted packets. • http://marc.info/?l=bugtraq&m=110780416112719&w=2 http://www.debian.org/security/2005/dsa-670 http://www.debian.org/security/2005/dsa-671 http://www.debian.org/security/2005/dsa-685 http://www.mandriva.com/security/advisories?name=MDKSA-2005:038 http://www.redhat.com/support/errata/RHSA-2005-110.html http://www.redhat.com/support/errata/RHSA-2005-112.html http://www.redhat.com/support/errata/RHSA-2005-133.html http://www.securityfocus.com/archive/1/433928/3 •

CVSS: 1.2EPSS: 0%CPEs: 2EXPL: 0

rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. • http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95 http://www.iss.net/security_center/static/11210.php •