Notmuch Emacs Information Disclosure Vulnerability
BID:52155
Info
Notmuch Emacs Information Disclosure Vulnerability
| Bugtraq ID: | 52155 |
| Class: | Input Validation Error |
| CVE: |
CVE-2012-1103 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 24 2012 12:00AM |
| Updated: | Apr 13 2015 09:37PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Notmuch Notmuch Emacs 0.11 Debian Linux 6.0 sparc Debian Linux 6.0 s/390 Debian Linux 6.0 powerpc Debian Linux 6.0 mips Debian Linux 6.0 ia-64 Debian Linux 6.0 ia-32 Debian Linux 6.0 arm Debian Linux 6.0 amd64 |
| Not Vulnerable: |
Notmuch Notmuch Emacs 0.11.1 |
Discussion
Notmuch Emacs Information Disclosure Vulnerability
Notmuch Emacs is prone to an information disclosure vulnerability.
An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.
Notmuch Emacs prior to 0.11.1 are vulnerable; other versions may also be affected.
Notmuch Emacs is prone to an information disclosure vulnerability.
An attacker can exploit this vulnerability to obtain potentially sensitive information from local files on computers running the vulnerable application. This may aid in further attacks.
Notmuch Emacs prior to 0.11.1 are vulnerable; other versions may also be affected.
Exploit / POC
Notmuch Emacs Information Disclosure Vulnerability
An attacker can use readily available tools to exploit this issue.
An attacker can use readily available tools to exploit this issue.
Solution / Fix
Notmuch Emacs Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references for more information.
Solution:
Updates are available. Please see the references for more information.
References
Notmuch Emacs Information Disclosure Vulnerability
References:
References:
- emacs: quote MML tags in replies (Notmuch)
- Notmuch New release (Notmuch)