漏洞信息详情
Emacs局部变量任意命令执行漏洞
- CNNVD编号:CNNVD-200312-329
- 危害等级: 中危
![图片[1]-Emacs局部变量任意命令执行漏洞-一一网](https://www.proyy.com/skycj/data/images/2021-05-17/30f462579bec41fc25e0b1d57503e6d6.png)
- CVE编号:
CVE-2003-1232
- 漏洞类型:
输入验证
- 发布时间:
2003-12-31
- 威胁类型:
远程
- 更新时间:
2010-04-02
- 厂 商:
gnu - 漏洞来源:
Georgi Guninski di… -
漏洞简介
Emacs 21.2.1版本在执行文本文件的局部变量段中的Lisp代码之前不提示或警告用户,用户辅助的攻击者可以执行任意命令,正如使用mode-name变量。
漏洞公告
The vendor has released version 21.3 of emacs to address this issue.
Mandriva has released advisory MDKSA-2005:208, along with fixes to address this issue. Please see the referenced advisory for further information.
GNU Emacs 21.2
-
GNU emacs-21.3.tar.gz
http://ftp.gnu.org/pub/gnu/emacs/emacs-21.3.tar.gz -
Mandriva emacs-21.3-1.1.C21mdk.i586.rpmCorporate Server 2.1:
-
Mandriva emacs-21.3-1.1.C21mdk.i586.rpmCorporate Server 2.1:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-21.3-1.1.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-el-21.3-1.1.C21mdk.i586.rpmCorporate Server 2.1:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-el-21.3-1.1.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-leim-21.3-1.1.C21mdk.i586.rpmCorporate Server 2.1:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-leim-21.3-1.1.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-nox-21.3-1.1.C21mdk.i586.rpmCorporate Server 2.1:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-nox-21.3-1.1.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-X11-21.3-1.1.C21mdk.i586.rpmCorporate Server 2.1:
http://www1.mandrivalinux.com/en/ftp.php3 -
Mandriva emacs-X11-21.3-1.1.C21mdk.x86_64.rpmCorporate Server 2.1/X86_64:
http://www1.mandrivalinux.com/en/ftp.php3
参考网址
来源: lists.grok.org.uk
链接:http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html
来源: SECUNIA
名称: 17496
链接:http://secunia.com/advisories/17496
来源: groups.google.com
链接:http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en&lr=&ie=UTF-8&oe=UTF-8&rnum=1&prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f
来源: groups.google.com
链接:http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en&lr=&ie=UTF-8&oe=UTF-8&rnum=1&prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f
来源: bugs.debian.org
链接:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183
来源: BID
名称: 15375
链接:http://www.securityfocus.com/bid/15375
来源: MANDRIVA
名称: MDKSA-2005:208
链接:http://www.mandriva.com/security/advisories?name=MDKSA-2005:208
![[桜井宁宁]COS和泉纱雾超可爱写真福利集-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/4d3cf227a85d7e79f5d6b4efb6bde3e8.jpg)
![[桜井宁宁] 爆乳奶牛少女cos写真-一一网](https://www.proyy.com/skycj/data/images/2020-12-13/d40483e126fcf567894e89c65eaca655.jpg)
