CVE-2017-14482

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
gnuemacs
𝑥
≤ 25.2
debiandebian_linux
8.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
emacs23
disco
dne
cosmic
dne
bionic
dne
artful
dne
zesty
dne
xenial
dne
trusty
dne
emacs24
disco
dne
cosmic
dne
bionic
dne
artful
dne
zesty
ignored
xenial
Fixed 24.5+1-6ubuntu1.1
released
trusty
Fixed 24.3+1-2ubuntu1.1
released
emacs25
disco
dne
cosmic
dne
bionic
not-affected
artful
not-affected
zesty
Fixed 25.1+1-3ubuntu4.1
released
xenial
dne
trusty
dne
References
http://www.debian.org/security/2017/dsa-3975
http://www.openwall.com/lists/oss-security/2017/09/11/1
https://access.redhat.com/errata/RHSA-2017:2771
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70
https://security.gentoo.org/glsa/201801-07
https://www.debian.org/security/2017/dsa-3970
https://www.gnu.org/software/emacs/index.html#Releases
http://www.debian.org/security/2017/dsa-3975
http://www.openwall.com/lists/oss-security/2017/09/11/1
https://access.redhat.com/errata/RHSA-2017:2771
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=28350
https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70
https://security.gentoo.org/glsa/201801-07
https://www.debian.org/security/2017/dsa-3970
https://www.gnu.org/software/emacs/index.html#Releases