CVE-2007-6109 - Vulnerability Details - OpenCVE

Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Emacs

Configuration 1 [-]

cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://bugs.gentoo.org/show_bug.cgi?id=200297
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html
http://secunia.com/advisories/27965
http://secunia.com/advisories/27984
http://secunia.com/advisories/28838
http://secunia.com/advisories/29420
http://secunia.com/advisories/30109
http://security.gentoo.org/glsa/glsa-200712-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:034
http://www.novell.com/linux/security/advisories/2007_25_sr.html
http://www.vupen.com/english/advisories/2008/0924/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/38904
https://nvd.nist.gov/vuln/detail/CVE-2007-6109
https://usn.ubuntu.com/607-1/
https://www.cve.org/CVERecord?id=CVE-2007-6109

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-12-07T11:00:00

Updated: 2024-08-07T15:54:26.839Z

Reserved: 2007-11-23T00:00:00

Link: CVE-2007-6109

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-12-07T11:46:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-6109

Redhat

Severity :

Publid Date: 2007-12-07T00:00:00Z

Links: CVE-2007-6109 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-12-05T00:00:00", "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-03T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "27965", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27965"}, {"name": "USN-607-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/607-1/"}, {"name": "27984", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/27984"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"}, {"name": "ADV-2008-0924", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"name": "SUSE-SR:2007:025", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"}, {"name": "29420", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29420"}, {"name": "APPLE-SA-2008-03-18", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"name": "emacs-unspecified-bo(38904)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"}, {"name": "MDVSA-2008:034", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"}, {"name": "30109", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30109"}, {"name": "GLSA-200712-03", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"name": "28838", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/28838"}, {"name": "SUSE-SR:2008:003", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6109", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "27965", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27965"}, {"name": "USN-607-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/607-1/"}, {"name": "27984", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27984"}, {"name": "http://bugs.gentoo.org/show_bug.cgi?id=200297", "refsource": "CONFIRM", "url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"}, {"name": "ADV-2008-0924", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"name": "SUSE-SR:2007:025", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"}, {"name": "29420", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29420"}, {"name": "APPLE-SA-2008-03-18", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"name": "emacs-unspecified-bo(38904)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"}, {"name": "MDVSA-2008:034", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"}, {"name": "30109", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30109"}, {"name": "GLSA-200712-03", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"}, {"name": "http://docs.info.apple.com/article.html?artnum=307562", "refsource": "CONFIRM", "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"name": "28838", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28838"}, {"name": "SUSE-SR:2008:003", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:54:26.839Z"}, "title": "CVE Program Container", "references": [{"name": "27965", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27965"}, {"name": "USN-607-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/607-1/"}, {"name": "27984", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/27984"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"}, {"name": "ADV-2008-0924", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"name": "SUSE-SR:2007:025", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"}, {"name": "29420", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29420"}, {"name": "APPLE-SA-2008-03-18", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"name": "emacs-unspecified-bo(38904)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"}, {"name": "MDVSA-2008:034", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"}, {"name": "30109", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30109"}, {"name": "GLSA-200712-03", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"name": "28838", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/28838"}, {"name": "SUSE-SR:2008:003", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6109", "datePublished": "2007-12-07T11:00:00", "dateReserved": "2007-11-23T00:00:00", "dateUpdated": "2024-08-07T15:54:26.839Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*", "matchCriteriaId": "DD426FD8-4155-4FC5-8114-266BD0FCA841", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain \"emacs -batch -eval\" command line."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en emacs, permite a los atacantes asistidos por el usuario causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) y posiblemente tener otro impacto no especificado por medio de un valor de gran precisi\u00f3n en un especificador de cadena de formato de enteros para la funci\u00f3n format, como es demostrado por medio de una determinada l\u00ednea de comandos \"emacs -batch -eval\"."}], "id": "CVE-2007-6109", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-12-07T11:46:00.000", "references": [{"source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"}, {"source": "cve@mitre.org", "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"source": "cve@mitre.org", "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27965"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/27984"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/28838"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29420"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/30109"}, {"source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"}, {"source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"}, {"source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/607-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=200297"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://docs.info.apple.com/article.html?artnum=307562"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27965"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27984"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28838"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29420"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/30109"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200712-03.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:034"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_25_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0924/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38904"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/607-1/"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "Red Hat does not consider this issue to be a security vulnerability since no trust boundary is crossed. The user must voluntarily interact with the attack mechanism to exploit this flaw, with the result being the ability to run code as themselves.", "lastModified": "2007-12-11T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}