CVE-2012-0035

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
eric_m_ludlamcedet
𝑥
≤ 1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
eric_m_ludlamcedet
1.0
gnuemacs
𝑥
≤ 23.3
gnuemacs
20.0
gnuemacs
20.1
gnuemacs
20.2
gnuemacs
20.3
gnuemacs
20.4
gnuemacs
20.5
gnuemacs
20.6
gnuemacs
20.7
gnuemacs
21.1
gnuemacs
21.2
gnuemacs
21.2.1
gnuemacs
21.3
gnuemacs
21.3.1
gnuemacs
21.4
gnuemacs
22.1
gnuemacs
22.2
gnuemacs
22.3
gnuemacs
23.1
gnuemacs
23.2
gnuemacs
23.4
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
cedet
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
dne
maverick
ignored
lucid
ignored
hardy
ignored
emacs22
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
dne
maverick
not-affected
lucid
not-affected
hardy
ignored
emacs23
saucy
not-affected
raring
not-affected
quantal
not-affected
precise
Fixed 23.3+1-1ubuntu9.1
released
oneiric
Fixed 23.3+1-1ubuntu4.1
released
natty
ignored
maverick
not-affected
lucid
not-affected
hardy
dne