rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions prior to 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu emacs 20.4 |
||
xemacs xemacs 21.1.10 |