What is CVE-2017-14482?

CVE-2017-14482 is a high-severity vulnerability in Gnu Emacs. CVSS score: 8.8/10. Published 2017-09-14.

How severe is CVE-2017-14482?

High severity. CVSS v3 base score is 8.8 out of 10.

Vulnerability in Gnu Emacs

CVE-2017-14482

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enr…

EPSS: 0.036 (88.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Gnu Emacs
Debian Debian_linux — versions 8.0
N/a — versions n/a

References

cve@mitre.org (vendor-advisory, x_refsource_DEBIAN)
cve@mitre.org (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
cve@mitre.org (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
cve@mitre.org (vendor-advisory, x_refsource_GENTOO)
cve@mitre.org (x_refsource_REDHAT, vendor-advisory)
cve@mitre.org (x_refsource_CONFIRM, Release Notes, Vendor Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Mailing List, Third Party Advisory)
cve@mitre.org (x_refsource_CONFIRM, Patch, Mailing List, Issue Tracking, Vendor Advisory)

Frequently asked questions

What is CVE-2017-14482?: CVE-2017-14482 is a high-severity vulnerability in Gnu Emacs. CVSS score: 8.8/10. Published 2017-09-14.
How severe is CVE-2017-14482?: High severity. CVSS v3 base score is 8.8 out of 10.