CVE - CVE-2008-2142

CVE-ID
CVE-2008-2142	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Emacs 21 and XEmacs automatically load and execute .flc (fast lock) files that are associated with other files that are edited within Emacs, which allows user-assisted attackers to execute arbitrary code.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:29176 URL:http://www.securityfocus.com/bid/29176 BUGTRAQ:20080527 rPSA-2008-0177-1 emacs emacs-leim URL:http://www.securityfocus.com/archive/1/492657/100/0/threaded CONFIRM:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0177 CONFIRM:https://bugs.gentoo.org/show_bug.cgi?id=221197 CONFIRM:https://issues.rpath.com/browse/RPL-2529 FEDORA:FEDORA-2008-5446 URL:https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00736.html FEDORA:FEDORA-2008-5504 URL:https://www.redhat.com/archives/fedora-package-announce/2008-June/msg00782.html GENTOO:GLSA-200902-06 URL:http://security.gentoo.org/glsa/glsa-200902-06.xml MANDRIVA:MDVSA-2008:153 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:153~~ (Obsolete source) MANDRIVA:MDVSA-2008:154 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:154~~ (Obsolete source) MISC:http://thread.gmane.org/gmane.emacs.devel/96903 MISC:http://tracker.xemacs.org/XEmacs/its/issue378 MLIST:[emacs-devel] 20080510 [mwelinder@bogus.example.com: Emacs security bug] URL:http://lists.gnu.org/archive/html/emacs-devel/2008-05/msg00645.html SECTRACK:1020019 URL:http://www.securitytracker.com/id?1020019 SECUNIA:30199 URL:http://secunia.com/advisories/30199 SECUNIA:30216 URL:http://secunia.com/advisories/30216 SECUNIA:30303 URL:http://secunia.com/advisories/30303 SECUNIA:30581 URL:http://secunia.com/advisories/30581 SECUNIA:30827 URL:http://secunia.com/advisories/30827 SECUNIA:34004 URL:http://secunia.com/advisories/34004 SUSE:SUSE-SR:2008:012 URL:http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00001.html VUPEN:ADV-2008-1539 URL:~~http://www.vupen.com/english/advisories/2008/1539/references~~ (Obsolete source) VUPEN:ADV-2008-1540 URL:~~http://www.vupen.com/english/advisories/2008/1540/references~~ (Obsolete source) XF:xemacs-gnuemacs-flc-code-execution(42362) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/42362
Assigning CNA
MITRE Corporation
Date Record Created
20080512	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080512)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)