CVE-2008-2142

Severity

68%

Complexity

86%

Confidentiality

106%

Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.

Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

GNU

First reported 16 years ago

2008-05-12 19:20:00

Last updated 6 years ago

2018-10-11 20:39:00

Affected Software

GNU Emacs 21.3.1

21.3.1

GNU XEmacs

References

[emacs-devel] 20080510 [[email protected]: Emacs security bug]

SUSE-SR:2008:012

30199

30216

30303

30581

30827

34004

GLSA-200902-06

http://thread.gmane.org/gmane.emacs.devel/96903

Exploit

http://tracker.xemacs.org/XEmacs/its/issue378

http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177

MDVSA-2008:153

MDVSA-2008:154

20080527 rPSA-2008-0177-1 emacs emacs-leim

29176

1020019

ADV-2008-1539

ADV-2008-1540

https://bugs.gentoo.org/show_bug.cgi?id=221197

xemacs-gnuemacs-flc-code-execution(42362)

https://issues.rpath.com/browse/RPL-2529

FEDORA-2008-5446

FEDORA-2008-5504

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.