Name | emacs_enriched |
CVE | CVE-2017-14482 |
Exploit Pack | CANVAS |
Description | Emacs Enriched Mime-type Handler Arbitrary ELISP Execution |
Notes | CVE Name: CVE-2017-14482 VENDOR: https://www.gnu.org/software/emacs/ Notes: Either email this to someone using the GNUS email client or convince them to open it like a normal file. You will eventually get a MOSDEF shell. WARNING: For the CEU release it will likely lock the editor. Tested Operating Systems: * Emacs 24.5.1 - Ubuntu 16.04 LTS * Repeatability: Infinite References: ['https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70', 'https://access.redhat.com/security/cve/CVE-2017-14482'] CVE URL: https://access.redhat.com/security/cve/CVE-2017-14482 |
Learn more about the CANVAS Exploit Pack here: CANVAS |