CVE-2012-1103
N/A
N/A
Summary
emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://notmuchmail.org/news/release-0.11.1/
- http://www.securityfocus.com/bid/52155
- http://www.openwall.com/lists/oss-security/2012/03/05/6
- http://www.debian.org/security/2012/dsa-2416
- http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el
- http://www.openwall.com/lists/oss-security/2012/03/04/5
- http://secunia.com/advisories/48139
References
- http://notmuchmail.org/news/release-0.11.1/
- http://www.securityfocus.com/bid/52155
- http://www.openwall.com/lists/oss-security/2012/03/05/6
- http://www.debian.org/security/2012/dsa-2416
- http://git.notmuchmail.org/git/notmuch/blobdiff/3f2050ac221a4c940c12442f156f12fff11600c6..ae438ccd8c77831158c7c30f19710d798ee4a6b4:/emacs/notmuch-mua.el
- http://www.openwall.com/lists/oss-security/2012/03/04/5
- http://secunia.com/advisories/48139
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.