Unrated severityNVD Advisory· Published Jan 19, 2012· Updated Apr 29, 2026
CVE-2012-0035
CVE-2012-0035
Description
Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file.
Affected products
32cpe:2.3:a:eric_m_ludlam:cedet:*:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:eric_m_ludlam:cedet:*:*:*:*:*:*:*:*range: <=1.0
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre1:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre2:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre3:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre4:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre6:*:*:*:*:*:*
- cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre7:*:*:*:*:*:*
cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*range: <=23.3
- cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.htmlnvdPatch
- openwall.com/lists/oss-security/2012/01/10/2nvdPatch
- secunia.com/advisories/47311nvdVendor Advisory
- secunia.com/advisories/47515nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.htmlnvd
- openwall.com/lists/oss-security/2012/01/10/4nvd
- secunia.com/advisories/50801nvd
- sourceforge.net/mailarchive/message.phpnvd
- sourceforge.net/mailarchive/message.phpnvd
- www.mandriva.com/security/advisoriesnvd
- www.ubuntu.com/usn/USN-1586-1nvd
- security.gentoo.org/glsa/201812-05nvd
News mentions
0No linked articles in our index yet.