Home

CVE-2012-0035

Description

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.

Risk Information

Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.03

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in GNU Emacs 20.0Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.1Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.2Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.3Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.4Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.5Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.6Windows
Multiple Vulnerabilities are affected in GNU Emacs 21.2.1Windows
Multiple Vulnerabilities are affected in GNU Emacs 21.3Windows
Multiple Vulnerabilities are affected in GNU Emacs 21Windows
Multiple Vulnerabilities are affected in GNU Emacs 22.1Windows
Multiple Vulnerabilities are affected in GNU Emacs 20.7Windows
Multiple Vulnerabilities are affected in GNU Emacs 21.1Windows
Multiple Vulnerabilities are affected in GNU Emacs 21.2Windows
Multiple Vulnerabilities are affected in GNU Emacs 21.4Windows
Multiple Vulnerabilities are affected in GNU Emacs 21.3.1Windows
Multiple Vulnerabilities are affected in GNU Emacs 22.2Windows
Multiple Vulnerabilities are affected in GNU Emacs 22.3Windows
Multiple Vulnerabilities are affected in GNU Emacs 23.1Windows
Multiple Vulnerabilities are affected in GNU Emacs 23.2Windows
Multiple Vulnerabilities are affected in GNU Emacs 23.3Windows
Multiple Vulnerabilities are affected in GNU Emacs 23.4Windows
The GNU Emacs editor (with GTK+ user interface) (USN-1586-1) emacs23_23.3+1-1ubuntu9.1_i386.debLinux
The GNU Emacs editor (with GTK+ user interface) (USN-1586-1) emacs23_23.3+1-1ubuntu9.1_amd64.debLinux
The GNU Emacs editor (with GTK+ user interface) (USN-1586-1) emacs23-common_23.3+1-1ubuntu9.1_all.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234