Back to CVE Browser

CVE-2007-6109

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0580%

EPSS Percentile43.51th

PublishedDec 7, 2007

Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in emacs allows user-assisted attackers to cause a denial of service (application crash) and possibly have unspecified other impact via a large precision value in an integer format string specifier to the format function, as demonstrated via a certain "emacs -batch -eval" command line.

Affected Platforms (CPE)

📦

Gnu

Emacs

All versions

References & Advisories

🔗 http://bugs.gentoo.org/show_bug.cgi?id=200297

🔗 http://docs.info.apple.com/article.html?artnum=307562

🔗 http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html

🔗 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00003.html

🔗 http://secunia.com/advisories/27965

🔗 http://secunia.com/advisories/27984

🔗 http://secunia.com/advisories/28838

🔗 http://secunia.com/advisories/29420

Related Vulnerabilities

CVE-2012-00359.3

Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows loca...

CVE-2017-144828.8

GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data ...

CVE-2021-470137.8

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_se...

CVE-2021-473117.8

In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev privat...