Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1301

Overview

Vulnerability Score 1.2 1.2
CVE Id CVE-2001-1301
Last Modified 05 Sep 2008 04:26:11
Published 07 Aug 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2001-1301

Summary

rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.

Vulnerable Systems

Application

  • Gnu Emacs 20.4

  • Xemacs 21.1.10


References

CONFIRM - http://savannah.gnu.org/cgi-bin/viewcvs/emacs/emacs/lib-src/rcs2log?only_with_tag=EMACS_PRETEST_21_0_95

BUGTRAQ - 20010807 rcs2log

XF - rcs2log-tmp-symlink(11210)


Last Updated: 27 May 2016 10:36:36