FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

emacs -- remote code execution vulnerability

Affected packages
24.* < emacs < 24.2
23.* < emacs <= 23.4_2

Details

VuXML ID c1e5f35e-f93d-11e1-b07f-00235a5f2c9a
Discovery 2012-08-13
Entry 2012-09-08
Modified 2013-05-13

Chong Yidong reports:

Paul Ling has found a security flaw in the file-local variables code in GNU Emacs.

When the Emacs user option `enable-local-variables' is set to `:safe' (the default value is t), Emacs should automatically refuse to evaluate `eval' forms in file-local variable sections. Due to the bug, Emacs instead automatically evaluates such `eval' forms. Thus, if the user changes the value of `enable-local-variables' to `:safe', visiting a malicious file can cause automatic execution of arbitrary Emacs Lisp code with the permissions of the user.

The bug is present in Emacs 23.2, 23.3, 23.4, and 24.1.
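As a defensive check added here (it is not part of the advisory or of Emacs itself), the following Python scanner extracts file-local variables from both places Emacs reads them, the first-line `-*- ... -*-` section and the trailing `Local Variables:` block, and reports any `eval:` entries so that files can be reviewed before being visited with an affected Emacs; the sample file contents are constructed for the example.

```python
import re

# Constructed sample: an Emacs Lisp file carrying eval forms in both locations.
SAMPLE = ''';; -*- mode: emacs-lisp; eval: (message "hi") -*-
(defun hello () "hello")

;; Local Variables:
;; indent-tabs-mode: nil
;; eval: (progn (message "local") 42)
;; End:
'''

FIRST_LINE_RE = re.compile(r"-\*-(.*?)-\*-")
LOCAL_VARS_RE = re.compile(r"^(?P<prefix>.*?)Local Variables:(?P<suffix>.*)$", re.MULTILINE)


def file_local_variables(text):
    """Return (name, value) pairs from the -*- line and the trailing Local Variables: block."""
    found = []
    # 1. First-line form: "-*- name: value; name: value -*-" (a bare "-*- lisp -*-" names a mode).
    #    Splitting on ';' is a heuristic; a value containing ';' would be cut short.
    m = FIRST_LINE_RE.search(text.split("\n", 1)[0])
    if m:
        for item in m.group(1).split(";"):
            if ":" in item:
                name, value = item.split(":", 1)
                found.append((name.strip(), value.strip()))
            elif item.strip():
                found.append(("mode", item.strip()))
    # 2. Trailing block: Emacs only searches the last 3000 characters; the text before
    #    "Local Variables:" is the prefix and the text after it the suffix (comment syntax),
    #    and every line of the block must carry the same prefix and suffix.
    tail = text[-3000:]
    m = LOCAL_VARS_RE.search(tail)
    if m:
        prefix, suffix = m.group("prefix"), m.group("suffix").rstrip()
        for line in tail[m.end():].splitlines():
            line = line.rstrip()
            if not (line.startswith(prefix) and line.endswith(suffix)):
                continue
            body = line[len(prefix):len(line) - len(suffix)] if suffix else line[len(prefix):]
            if body.strip() == "End:":
                break
            if ":" in body:
                name, value = body.split(":", 1)
                found.append((name.strip(), value.strip()))
    return found


def eval_forms(text):
    """The forms an affected Emacs would run on visit even with `enable-local-variables' at :safe."""
    return [value for name, value in file_local_variables(text) if name == "eval"]
```

Running `eval_forms` over a tree of files lists every form that deserves review; a clean file returns an empty list.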

References

Bugtraq ID 54969
CVE Name CVE-2012-3479
URL http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155
URL https://lists.gnu.org/archive/html/emacs-devel/2012-08/msg00802.html