CVE-2001-1301

3 documents3 sources
Severity
1.2LOW
EPSS
0.2%
top 58.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GNU EmacsXemacs Xemacs
Timeline
PublishedAug 7
Latest updateApr 30

Description

rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.

CVSS vector

AV:L/AC:H/C:N/I:P/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages2 packages

NVDxemacs/xemacs21.1.10
NVDgnu/emacs20.4

🔴Vulnerability Details

2
GHSA
GHSA-g4f4-9r8p-qw3r: rcs2log, as used in Emacs 202022-04-30
CVEList
CVE-2001-1301: rcs2log, as used in Emacs 202003-04-02
CVE-2001-1301 (LOW CVSS 1.2) | cvebase.io