logo

Database

Lack of data validation - Path Traversal In xemacs21

Description

vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2008-16942. NVD-2008-16943. OSV-DEBIAN-2008-16944. OSV-2008-16945. SECURITY-TRACKER-CVE-2008-1694

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.