CVE-2003-1232
- EPSS 3.01%
- Veröffentlicht 31.12.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:03:45
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
CVE-2001-1301
- EPSS 0.3%
- Veröffentlicht 07.08.2001 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:59
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
CVE-2000-0269
- EPSS 0.36%
- Veröffentlicht 18.04.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:21
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVE-2000-0271
- EPSS 0.34%
- Veröffentlicht 18.04.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:22
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
CVE-2000-0270
- EPSS 0.35%
- Veröffentlicht 18.04.2000 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:51:22
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.