CVE-2010-0825

EUVD-2010-0851
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 30%
Affected Products (NVD)
VendorProductVersion
gnuemacs
22.1
gnuemacs
22.2
gnuemacs
22.3
gnuemacs
23.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xemacs21
bookworm
21.4.24-11
fixed
bullseye
21.4.24-9
fixed
lenny
no-dsa
sid
21.4.24-12
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
emacs21
dapper
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
dne
lucid
dne
maverick
dne
natty
dne
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
emacs22
dapper
dne
hardy
Fixed 22.1-0ubuntu10.2
released
intrepid
Fixed 22.2-0ubuntu2.8.10.1
released
jaunty
Fixed 22.2-0ubuntu2.9.04.1
released
karmic
Fixed 22.2-0ubuntu6.2
released
lucid
Fixed 22.2-0ubuntu9
released
maverick
Fixed 22.2-0ubuntu9
released
natty
dne
oneiric
dne
precise
dne
quantal
dne
raring
dne
saucy
dne
emacs23
dapper
dne
hardy
dne
intrepid
dne
jaunty
dne
karmic
Fixed 23.1+1-4ubuntu3.2
released
lucid
Fixed 23.1+1-4ubuntu7
released
maverick
Fixed 23.1+1-4ubuntu7
released
natty
Fixed 23.1+1-4ubuntu7
released
oneiric
Fixed 23.1+1-4ubuntu7
released
precise
Fixed 23.1+1-4ubuntu7
released
quantal
Fixed 23.1+1-4ubuntu7
released
raring
Fixed 23.1+1-4ubuntu7
released
saucy
Fixed 23.1+1-4ubuntu7
released
xemacs21
dapper
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
ignored
maverick
not-affected
natty
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
raring
not-affected
saucy
not-affected
Common Weakness Enumeration
References
http://secunia.com/advisories/39155
http://www.mandriva.com/security/advisories?name=MDVSA-2010:083
http://www.ubuntu.com/usn/USN-919-1
http://www.vupen.com/english/advisories/2010/0734
http://www.vupen.com/english/advisories/2010/0952
https://bugs.launchpad.net/ubuntu/+bug/531569
https://exchange.xforce.ibmcloud.com/vulnerabilities/57457
http://secunia.com/advisories/39155
http://www.mandriva.com/security/advisories?name=MDVSA-2010:083
http://www.ubuntu.com/usn/USN-919-1
http://www.vupen.com/english/advisories/2010/0734
http://www.vupen.com/english/advisories/2010/0952
https://bugs.launchpad.net/ubuntu/+bug/531569
https://exchange.xforce.ibmcloud.com/vulnerabilities/57457