Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-04-18
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack.
CVSS Score
3.6
EPSS Score
0.001
Published
2000-04-18
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-04-18
Page 3