Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
lisp/files.el in Emacs 23.2, 23.3, 23.4, and 24.1 automatically executes eval forms in local-variable sections when the enable-local-variables option is set to :safe, which allows user-assisted remote attackers to execute arbitrary Emacs Lisp code via a crafted file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GNU Emacs “enable-local-variables” 远程代码执行漏洞
Vulnerability Description
Emacs是一个功能强大的可扩展的实时显示文本编辑器。 GNU Emacs中存在漏洞,可被恶意攻击者利用操控用户系统。该漏洞源于评估本地文件变量时,处理‘enable-local-variables’变量存在错误。攻击者可利用该漏洞提升‘eval’表单并执行任意Lisp代码。成功的利用需要将‘enable-local-variables’设置为‘:safe’。GNU Emacs 23.2、23.3、23.4、24.1版本中存在漏洞。
CVSS Information
N/A
Vulnerability Type
N/A