Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6109

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6109
Last Modified 07 Mar 2011 10:01:47
Published 07 Dec 2007 06:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6109

Summary

Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line.

Vulnerable Systems

Application

  • Gnu Emacs


References

XF - emacs-unspecified-bo(38904)

VUPEN - ADV-2008-0924

UBUNTU - USN-607-1

SUSE - SUSE-SR:2007:025

GENTOO - GLSA-200712-03

SECUNIA - 30109

SECUNIA - 27984

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=200297

MANDRIVA - MDVSA-2008:034

SECUNIA - 29420

SECUNIA - 28838

SECUNIA - 27965

SUSE - SUSE-SR:2008:003

APPLE - APPLE-SA-2008-03-18

CONFIRM - http://docs.info.apple.com/article.html?artnum=307562

Related Patches

Apple 2008-03-18 Security Update 2008-002 v1.0 Server (Tiger PPC)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Tiger PPC)

Apple 2008-03-18 Security Update 2008-002 v1.0 Server (Tiger Universal)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Tiger Universal)

Apple 2008-03-18 Security Update 2008-002 v1.0 Client (Leopard)

Apple 2008-03-26 Security Update 2008-002 v1.1 Server (Leopard) (Rev 2)

Apple 2008-03-26 Security Update 2008-002 v1.1 Client (Leopard) (Rev 2)


Last Updated: 27 May 2016 10:46:22