lisp/emacs-lisp/find-gc.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file under /tmp/esrc/.
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Emacs | Gnu | * | 24.3 (including) |
| Emacs | Gnu | 20.0 (including) | 20.0 (including) |
| Emacs | Gnu | 20.1 (including) | 20.1 (including) |
| Emacs | Gnu | 20.2 (including) | 20.2 (including) |
| Emacs | Gnu | 20.3 (including) | 20.3 (including) |
| Emacs | Gnu | 20.4 (including) | 20.4 (including) |
| Emacs | Gnu | 20.5 (including) | 20.5 (including) |
| Emacs | Gnu | 20.6 (including) | 20.6 (including) |
| Emacs | Gnu | 20.7 (including) | 20.7 (including) |
| Emacs | Gnu | 21 (including) | 21 (including) |
| Emacs | Gnu | 21.1 (including) | 21.1 (including) |
| Emacs | Gnu | 21.2 (including) | 21.2 (including) |
| Emacs | Gnu | 21.2.1 (including) | 21.2.1 (including) |
| Emacs | Gnu | 21.3 (including) | 21.3 (including) |
| Emacs | Gnu | 21.3.1 (including) | 21.3.1 (including) |
| Emacs | Gnu | 21.4 (including) | 21.4 (including) |
| Emacs | Gnu | 22.1 (including) | 22.1 (including) |
| Emacs | Gnu | 22.2 (including) | 22.2 (including) |
| Emacs | Gnu | 22.3 (including) | 22.3 (including) |
| Emacs | Gnu | 23.1 (including) | 23.1 (including) |
| Emacs | Gnu | 23.2 (including) | 23.2 (including) |
| Emacs | Gnu | 23.3 (including) | 23.3 (including) |
| Emacs | Gnu | 23.4 (including) | 23.4 (including) |
| Emacs | Gnu | 24.1 (including) | 24.1 (including) |
| Emacs | Gnu | 24.2 (including) | 24.2 (including) |
| Emacs-snapshot | Ubuntu | lucid | * |
| Emacs22 | Ubuntu | lucid | * |
| Emacs23 | Ubuntu | lucid | * |
| Emacs23 | Ubuntu | precise | * |
| Emacs23 | Ubuntu | quantal | * |
| Emacs23 | Ubuntu | saucy | * |
| Emacs23 | Ubuntu | trusty | * |
| Emacs23 | Ubuntu | utopic | * |
| Emacs24 | Ubuntu | trusty | * |
| Emacs24 | Ubuntu | upstream | * |
| Xemacs21 | Ubuntu | lucid | * |