GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted Content-Type: text/enriched data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. In particular, an Emacs user can be instantly compromised by reading a crafted email message (or Usenet news article).
Name | Vendor | Start Version | End Version |
---|---|---|---|
Emacs | Gnu | * | 25.2 (including) |
Red Hat Enterprise Linux 7 | RedHat | emacs-1:24.3-20.el7_4 | * |
Emacs23 | Ubuntu | trusty | * |
Emacs24 | Ubuntu | trusty | * |
Emacs24 | Ubuntu | xenial | * |
Emacs24 | Ubuntu | zesty | * |
Emacs25 | Ubuntu | upstream | * |
Emacs25 | Ubuntu | zesty | * |