CVE Catalog
CVE-2000-0270
LowExploitation Probability (EPSS)
Low risk0.35%
27th percentile — higher than 27% of all known CVEs
Summary
The make-temp-name function in Emacs 20 creates temporary files with predictable names, allowing attackers to conduct a symlink attack.
Risk Assessment
A symlink attack can lead to unauthorized access to data or modification of files by attackers, posing a serious security threat to the system.
Recommendation
It is recommended to update Emacs to the latest version that addresses this vulnerability and to implement additional security measures when creating temporary files.
Original NVD description (English source)
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.

