CVE-2000-0270

3 documents3 sources
Severity
3.6LOW
EPSS
0.1%
top 72.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
GNU Emacs
Timeline
PublishedApr 18
Latest updateApr 30

Description

The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.

CVSS vector

AV:L/AC:L/C:P/I:P/A:NExploitability: 3.9 | Impact: 4.9

Affected Packages1 packages

NVDgnu/emacs7 versions+6

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-83rm-6fqr-j4q7: The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack2022-04-30
CVEList
CVE-2000-0270: The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack2000-04-26
CVE-2000-0270 (LOW CVSS 3.6) | The make-temp-name Lisp function in | cvebase.io