CVE-2012-3479

lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:23.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:24.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-25 10:29

Updated : 2024-02-28 12:00


NVD link : CVE-2012-3479

Mitre link : CVE-2012-3479

CVE.ORG link : CVE-2012-3479


JSON object : View

Products Affected

gnu

  • emacs