CVE-2010-0825

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
05/04/2010
Last modified:
11/04/2025

Description

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*