Ubuntu Update For Emacs23 USN-1586-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1586-1

Solution

Please Install the Updated Packages.

Insight

Hiroshi Oota discovered that Emacs incorrectly handled search paths. If a user were tricked into opening a file with Emacs, a local attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. (CVE-2012-0035) Paul Ling discovered that Emacs incorrectly handled certain eval forms in local-variable sections. If a user were tricked into opening a specially crafted file with Emacs, a remote attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. (CVE-2012-3479)

Affected

emacs23 on Ubuntu 12.04 LTS , Ubuntu 11.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-September/001844.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0035, CVE-2012-3479
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for clamav USN-1773-1
Ubuntu Update for cupsys vulnerability USN-539-1
Ubuntu Update for eglibc USN-2328-1
Ubuntu Update for bsd-mailx USN-2455-1
Ubuntu Update for dhcp vulnerability USN-531-2

Ubuntu Update for emacs23 USN-1586-1

Take action and discover your vulnerabilities