CVE-2010-0825

Published: 05/04/2010 Updated: 17/08/2017
CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4
VMScore: 392
Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

Vulnerable Product

gnu emacs 22.1

gnu emacs 22.2

gnu emacs 22.3

gnu emacs 23.1

Vendor Advisories

Debian Bug report logs - #590301
emacs22: CVE-2010-0825 movemail vulnerable to symlink attacks due to race condition
Package: emacs22; Maintainer for emacs22 is Rob Browning <rlb@defaultvalue.org>; Source for emacs22 is src:emacs
Reported by: Nico Golde <nion@debian.org>
Date: Sun, 25 Jul 2010 1 ...

Dan Rosenberg discovered that the email helper in Emacs did not correctly check file permissions. A local attacker could perform a symlink race to read or append to another user’s mailbox if it was stored under a group-writable group-“mail” directory ...