• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SEMI/WEMI Insecure Temporary File Creation Vulnerability

SEMI/WEMI have been reported prone to an insecure temporary file creation vulnerability. As a result, it may be possible for local attackers to corrupt files owned by the user who is invoking a version of Emacs that is linked to the vulnerable library.

It should be noted that the impact of this vulnerability might be exaggerated by the fact that attackers may potentially influence content that will be added to the target file.