Improper input validation in Gnu Emacs

CVE-2012-1103

emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be at…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.007 (71.8th percentile) — read the EPSS interpretation.

Affected products

Gnu Emacs
Notmuchmail Notmuch — versions 0.1, 0.1.1, 0.2
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secalert@redhat.com (x_refsource_CONFIRM, Vendor Advisory)
52155 (vdb-entry, x_refsource_BID)
[oss-security] 20120304 Re: CVE request: notmuch (mailing-list, x_refsource_MLIST, Exploit, Patch)
DSA-2416 (vendor-advisory, x_refsource_DEBIAN)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
[oss-security] 20120304 CVE request: notmuch (mailing-list, x_refsource_MLIST, Exploit, Patch)
48139 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)