Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted malicious users to execute arbitrary commands, as demonstrated using the mode-name variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu emacs 21.2.1 |