CVE-2007-5795

The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.
Configurations

Configuration 1

cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*

Information

Published : 2007-11-02 10:46

Updated : 2017-07-29 01:33


NVD link : CVE-2007-5795

Mitre link : CVE-2007-5795

Products Affected
No products.