CVE-2008-2142

Exploit

EPSS 4.36%
Published 12.05.2008 19:20:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.

Affected products Warnungen 0 Metrics 2 CWE 0 References 27

Data is provided by the National Vulnerability Database (NVD)

Gnu ≫ Emacs Version21.3.1

Gnu ≫ Xemacs

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	4.36%	0.885

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html

http://secunia.com/advisories/30581

http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html

http://secunia.com/advisories/30199

http://secunia.com/advisories/30216

http://secunia.com/advisories/30303

http://secunia.com/advisories/30827

http://secunia.com/advisories/34004

http://security.gentoo.org/glsa/glsa-200902-06.xml

http://thread.gmane.org/gmane.emacs.devel/96903

Exploit

http://tracker.xemacs.org/XEmacs/its/issue378

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177

http://www.mandriva.com/security/advisories?name=MDVSA-2008:153

http://www.mandriva.com/security/advisories?name=MDVSA-2008:154

http://www.securityfocus.com/archive/1/492657/100/0/threaded

http://www.securityfocus.com/bid/29176

http://www.securitytracker.com/id?1020019

http://www.vupen.com/english/advisories/2008/1539/references

http://www.vupen.com/english/advisories/2008/1540/references

https://bugs.gentoo.org/show_bug.cgi?id=221197

https://exchange.xforce.ibmcloud.com/vulnerabilities/42362

https://issues.rpath.com/browse/RPL-2529

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html

https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html

https://nvd.nist.gov/vuln/detail/CVE-2008-2142

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-2142

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-2142

EUVD