CVE-2017-14482

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector
NIST | Primary | 8.8 HIGH | NETWORK | LOW | NONE | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score: Percentile 87%
Affected Products (NVD)
Vendor | Product | Version
gnu | emacs | 𝑥 ≤ 25.2
debian | debian_linux | 8.0
𝑥 = Vulnerable software versions
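Ubuntu Releases
Ubuntu Product | Codename | Status
emacs23 | artful | dne
emacs23 | bionic | dne
emacs23 | cosmic | dne
emacs23 | disco | dne
emacs23 | trusty | dne
emacs23 | xenial | dne
emacs23 | zesty | dne
emacs24 | artful | dne
emacs24 | bionic | dne
emacs24 | cosmic | dne
emacs24 | disco | dne
emacs24 | trusty | Fixed 24.3+1-2ubuntu1.1 (released)
emacs24 | xenial | Fixed 24.5+1-6ubuntu1.1 (released)
emacs24 | zesty | ignored
emacs25 | artful | not-affected
emacs25 | bionic | not-affected
emacs25 | cosmic | dne
emacs25 | disco | dne
emacs25 | trusty | dne
emacs25 | xenial | dne
emacs25 | zesty | Fixed 25.1+1-3ubuntu4.1 (released)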
openSUSE / SLES Releases
openSUSE Product | Release | Version | Status
emacs | suse enterprise sap 12 SP2 | 24.3-25.3.1 | fixed
emacs | suse enterprise sap 12 SP3 | 24.3-25.3.1 | fixed
emacs | suse enterprise server 12 | 24.3-25.3.1 | fixed
emacs | suse enterprise server 12 SP1 | 24.3-25.3.1 | fixed
emacs | suse enterprise server 12 SP2 | 24.3-25.3.1 | fixed
emacs | suse enterprise server 12 SP3 | 24.3-25.3.1 | fixed
emacs-el | suse enterprise sap 12 SP2 | 24.3-25.3.1 | fixed
emacs-el | suse enterprise sap 12 SP3 | 24.3-25.3.1 | fixed
emacs-el | suse enterprise server 12 | 24.3-25.3.1 | fixed
emacs-el | suse enterprise server 12 SP1 | 24.3-25.3.1 | fixed
emacs-el | suse enterprise server 12 SP2 | 24.3-25.3.1 | fixed
emacs-el | suse enterprise server 12 SP3 | 24.3-25.3.1 | fixed
emacs-info | suse enterprise sap 12 SP2 | 24.3-25.3.1 | fixed
emacs-info | suse enterprise sap 12 SP3 | 24.3-25.3.1 | fixed
emacs-info | suse enterprise server 12 | 24.3-25.3.1 | fixed
emacs-info | suse enterprise server 12 SP1 | 24.3-25.3.1 | fixed
emacs-info | suse enterprise server 12 SP2 | 24.3-25.3.1 | fixed
emacs-info | suse enterprise server 12 SP3 | 24.3-25.3.1 | fixed
emacs-nox | suse enterprise sap 12 SP2 | 24.3-25.3.1 | fixed
emacs-nox | suse enterprise sap 12 SP3 | 24.3-25.3.1 | fixed
emacs-nox | suse enterprise server 12 | 24.3-25.3.1 | fixed
emacs-nox | suse enterprise server 12 SP1 | 24.3-25.3.1 | fixed
emacs-nox | suse enterprise server 12 SP2 | 24.3-25.3.1 | fixed
emacs-nox | suse enterprise server 12 SP3 | 24.3-25.3.1 | fixed
emacs-x11 | suse enterprise sap 12 SP2 | 24.3-25.3.1 | fixed
emacs-x11 | suse enterprise sap 12 SP3 | 24.3-25.3.1 | fixed
emacs-x11 | suse enterprise server 12 | 24.3-25.3.1 | fixed
emacs-x11 | suse enterprise server 12 SP1 | 24.3-25.3.1 | fixed
emacs-x11 | suse enterprise server 12 SP2 | 24.3-25.3.1 | fixed
emacs-x11 | suse enterprise server 12 SP3 | 24.3-25.3.1 | fixed
etags | suse enterprise sap 12 SP2 | 24.3-25.3.1 | fixed
etags | suse enterprise sap 12 SP3 | 24.3-25.3.1 | fixed
etags | suse enterprise server 12 | 24.3-25.3.1 | fixed
etags | suse enterprise server 12 SP1 | 24.3-25.3.1 | fixed
etags | suse enterprise server 12 SP2 | 24.3-25.3.1 | fixed
etags | suse enterprise server 12 SP3 | 24.3-25.3.1 | fixed
Red Hat Enterprise Linux Releases
Red Hat Product | Release | Version | Status
emacs | RHEL 7 | 1:24.3-20.el7_4 | fixed
emacs-common | RHEL 7 | 1:24.3-20.el7_4 | fixed
emacs-el | RHEL 7 | 1:24.3-20.el7_4 | fixed
emacs-filesystem | RHEL 7 | 1:24.3-20.el7_4 | fixed
emacs-nox | RHEL 7 | 1:24.3-20.el7_4 | fixed
emacs-terminal | RHEL 7 | 1:24.3-20.el7_4 | fixed