Gentoo Linux Security Advisory GLSA 200902-06 - Two vulnerabilities were found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. One also affects edit-utils in XEmacs. Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By shipping a .flc accompanying a source file (.c for example) and setting font-lock-support-mode to fast-lock-mode in the source file through local variables, any Lisp code in the .flc file is executed without warning (CVE-2008-2142). Versions less than 22.2-r3 are affected.
17c8574bea50c15bdbfc0e4b347a4c54008d41f1d8b905d89aa9b3117651a5ffMandriva Linux Security Advisory - A vulnerability in xemacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by xemacs. The updated packages have been patched to correct this issue.
4f2b86980c8b8649e554d4d774dcb3460ffe1043f38da62b62114074a8c90c01Mandriva Linux Security Advisory - A vulnerability in emacs was found where an attacker could provide a group of files containing local variable definitions and arbitrary Lisp code to be executed when one of the provided files is opened by emacs. The updated packages have been patched to correct this issue.
40560bc23082187698d3b92addfc7ab5888597b4f0874ed4f353f8ae0421fd12
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed