CVE-2014-3421

CWE-59CWE-3777 documents6 sources
Severity
3.3LOW
EPSS
0.1%
top 66.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GNU EmacsMageia Project Mageia
Timeline
PublishedMay 8
Latest updateMay 17

Description

lisp/gnus/gnus-fun.el in GNU Emacs 24.3 and earlier allows local users to overwrite arbitrary files via a symlink attack on the /tmp/gnus.face.ppm temporary file.

CVSS vector

AV:L/AC:M/C:N/I:P/A:PExploitability: 3.4 | Impact: 4.9

Affected Packages2 packages

NVDgnu/emacs24.3+24

🔴Vulnerability Details

3
GHSA
GHSA-3v7q-6w55-588c: lisp/gnus/gnus-fun2022-05-17
CVEList
CVE-2014-3421: lisp/gnus/gnus-fun2014-05-08
OSV
CVE-2014-3421: lisp/gnus/gnus-fun2014-05-08

📋Vendor Advisories

1
Red Hat
emacs: multiple temporary file issues2014-05-05

💬Community

2
Bugzilla
CVE-2014-3423 CVE-2014-3422 CVE-2014-3421 CVE-2014-3424 emacs: multiple temporary file issues [fedora-all]2014-05-08
Bugzilla
CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 emacs: multiple temporary file issues2014-05-08
CVE-2014-3421 (LOW CVSS 3.3) | lisp/gnus/gnus-fun.el in GNU Emacs | cvebase.io