CVE 2008-1694
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Related bugs and status
CVE-2008-1694 (Candidate) is related to these bugs:
Bug #174177: [emacs] [CVE-2007-6109] buffer overflow
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Ubuntu) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Debian) | Unknown | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs21 (Ubuntu) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs21 (Ubuntu Dapper) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Ubuntu Dapper) | Undecided | Invalid | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs21 (Ubuntu Feisty) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Ubuntu Feisty) | Undecided | Invalid | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs21 (Ubuntu Gutsy) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Ubuntu Gutsy) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs21 (Ubuntu Intrepid) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Ubuntu Intrepid) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs21 (Ubuntu Hardy) | Undecided | Fix Released | ||
174177 | [emacs] [CVE-2007-6109] buffer overflow | emacs22 (Ubuntu Hardy) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.