CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 0CVE-2009-2688
https://notcve.org/view.php?id=CVE-2009-2688
05 Aug 2009 — Multiple integer overflows in glyphs-eimage.c in XEmacs 21.4.22, when running on Windows, allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) the tiff_instantiate function processing a crafted TIFF file, (2) the png_instantiate function processing a crafted PNG file, and (3) the jpeg_instantiate function processing a crafted JPEG file, all which trigger a heap-based buffer overflow. NOTE: the provenance of this information is unknown; the details are obtained solely... • http://osvdb.org/55298 • CWE-189: Numeric Errors •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2001-1301
https://notcve.org/view.php?id=CVE-2001-1301
07 Aug 2001 — rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. • http://archives.neohapsis.com/archives/bugtraq/2001-08/0093.html •