Incorrect Privilege Assignment Affecting emacs-nox package, versions *
Threat Intelligence
EPSS
0.04% (13th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL6-EMACSNOX-1360004
- published 26 Jul 2021
- disclosed 31 Oct 2017
Introduced: 31 Oct 2017
CVE-2017-1000383 Open this link in a new tabHow to fix?
There is no fixed version for RHEL:6
emacs-nox
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream emacs-nox
package and not the emacs-nox
package as distributed by RHEL
.
See How to fix?
for RHEL:6
relevant fixed versions and status.
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.