CVE Catalog

CVE-2000-0270

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.35%

27th percentile — higher than 27% of all known CVEs

Summary

The make-temp-name function in Emacs 20 creates temporary files with predictable names, allowing attackers to conduct a symlink attack.

Risk Assessment

A symlink attack can lead to unauthorized access to data or modification of files by attackers, posing a serious security threat to the system.

Recommendation

It is recommended to update Emacs to the latest version that addresses this vulnerability and to implement additional security measures when creating temporary files.

Original NVD description (English source)

The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS