Ubuntu Update For Emacs23 USN-1586-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1586-1

Solution

Please Install the Updated Packages.

Insight

Hiroshi Oota discovered that Emacs incorrectly handled search paths. If a user were tricked into opening a file with Emacs, a local attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. (CVE-2012-0035) Paul Ling discovered that Emacs incorrectly handled certain eval forms in local-variable sections. If a user were tricked into opening a specially crafted file with Emacs, a remote attacker could execute arbitrary Lisp code with the privileges of the user invoking the program. (CVE-2012-3479)

Affected

emacs23 on Ubuntu 12.04 LTS , Ubuntu 11.10

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-September/001844.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-0035, CVE-2012-3479

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Ubuntu Update for dhcp3 USN-1108-2
Ubuntu Update for cupsys vulnerability USN-539-1
Ubuntu Update for eglibc USN-1991-1
Ubuntu Update for devscripts USN-1366-1
Ubuntu Update for ca-certificates USN-1197-5

Ubuntu Update for emacs23 USN-1586-1

Take action and discover your vulnerabilities