CVE-2010-0825

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
canonicalCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 20%
VendorProductVersion
gnuemacs
22.1
gnuemacs
22.2
gnuemacs
22.3
gnuemacs
23.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
xemacs21
bullseye
21.4.24-9
fixed
lenny
no-dsa
bookworm
21.4.24-11
fixed
sid
21.4.24-12
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
emacs21
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
dne
maverick
dne
lucid
dne
karmic
dne
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
ignored
emacs22
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
dne
maverick
Fixed 22.2-0ubuntu9
released
lucid
Fixed 22.2-0ubuntu9
released
karmic
Fixed 22.2-0ubuntu6.2
released
jaunty
Fixed 22.2-0ubuntu2.9.04.1
released
intrepid
Fixed 22.2-0ubuntu2.8.10.1
released
hardy
Fixed 22.1-0ubuntu10.2
released
dapper
dne
emacs23
saucy
Fixed 23.1+1-4ubuntu7
released
raring
Fixed 23.1+1-4ubuntu7
released
quantal
Fixed 23.1+1-4ubuntu7
released
precise
Fixed 23.1+1-4ubuntu7
released
oneiric
Fixed 23.1+1-4ubuntu7
released
natty
Fixed 23.1+1-4ubuntu7
released
maverick
Fixed 23.1+1-4ubuntu7
released
lucid
Fixed 23.1+1-4ubuntu7
released
karmic
Fixed 23.1+1-4ubuntu3.2
released
jaunty
dne
intrepid
dne
hardy
dne
dapper
dne
xemacs21
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
not-affected
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
ignored
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/39155
http://www.mandriva.com/security/advisories?name=MDVSA-2010:083
http://www.ubuntu.com/usn/USN-919-1
http://www.vupen.com/english/advisories/2010/0734
http://www.vupen.com/english/advisories/2010/0952
https://bugs.launchpad.net/ubuntu/+bug/531569
https://exchange.xforce.ibmcloud.com/vulnerabilities/57457
http://secunia.com/advisories/39155
http://www.mandriva.com/security/advisories?name=MDVSA-2010:083
http://www.ubuntu.com/usn/USN-919-1
http://www.vupen.com/english/advisories/2010/0734
http://www.vupen.com/english/advisories/2010/0952
https://bugs.launchpad.net/ubuntu/+bug/531569
https://exchange.xforce.ibmcloud.com/vulnerabilities/57457