Vulnerability CVE-2014-9483

Vulnerability Name:

CVE-2014-9483 (CCN-99688)

Assigned:

2015-01-03

Published:

2015-01-03

Updated:

2017-09-08

Summary:

Emacs 24.4 allows remote attackers to bypass security restrictions.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
4.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
4.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N/E:U/RL:U/RC:UR)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-200

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2014-9483

Source: CCN
Type: oss-security Mailing List, Sat, 3 Jan 2015 17:42:11 -0500 (EST)
Re: CVE request for emacs possibly

Source: CCN
Type: GNU Web Site
GNU Emacs - GNU Project - Free Software Foundation (FSF)

Source: MLIST
Type: Mailing List, Third Party Advisory
[oss-security] 20150103 Re: CVE request for emacs possibly

Source: CCN
Type: BID-71861
GNU Emacs CVE-2014-9483 Local Information Disclosure Vulnerability

Source: CONFIRM
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1181599

Source: XF
Type: UNKNOWN
emacs-cve20149483-sec-bypass(99688)

Source: XF
Type: UNKNOWN
emacs-cve20149483-sec-bypass(99688)

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2014-9483

Vulnerable Configuration:

Configuration 1:

cpe:/a:gnu:emacs:24.4:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:gnu:emacs:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:646	P	Security update for php7 (Moderate) (in QA)	2022-10-04
oval:org.opensuse.security:def:731	P	Security update for python-Flask-Security-Too (Important)	2022-09-06
oval:org.opensuse.security:def:20149483	V	CVE-2014-9483	2022-08-07
oval:org.opensuse.security:def:620	P	Security update for booth (Important)	2022-08-01
oval:org.opensuse.security:def:94892	P	emacs-x11-27.2-150400.1.49 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2915	P	emacs-27.2-150400.1.49 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:3262	P	emacs-x11-27.2-150400.1.49 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94545	P	emacs-27.2-150400.1.49 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:51	P	emacs-25.3-3.6.51 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:67	P	glib2-devel-2.62.6-3.6.1 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:346	P	zoo-2.10-1.29 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:1067	P	Security update for jasper (Moderate)	2022-04-29
oval:org.opensuse.security:def:1312	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP3) (Important)	2022-04-15
oval:org.opensuse.security:def:980	P	Security update for python3 (Moderate)	2022-03-24
oval:org.opensuse.security:def:956	P	Security update for expat (Important)	2022-03-04
oval:org.opensuse.security:def:1532	P	Security update for python-Twisted (Important)	2022-02-18
oval:org.opensuse.security:def:1423	P	Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP3) (Critical)	2022-02-16
oval:org.opensuse.security:def:1176	P	Security update for the Linux Kernel (Important)	2022-01-26
oval:org.opensuse.security:def:112186	P	emacs-25.1-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:100415	P	(Moderate)	2022-01-11
oval:org.opensuse.security:def:94003	P	(Moderate)	2021-12-23
oval:org.opensuse.security:def:1648	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:49454	P	Security update for python3 (Moderate)	2021-10-20
oval:org.opensuse.security:def:69738	P	Security update for apache2 (Important)	2021-10-12
oval:org.opensuse.security:def:69934	P	Security update for grilo (Important)	2021-10-06
oval:org.opensuse.security:def:105718	P	emacs-25.1-1.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:71218	P	krb5-1.16.3-1.16 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:89590	P	emacs-25.3-3.3.18 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71176	P	emacs-25.3-3.3.18 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:96555	P	emacs-25.3-3.3.18 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:103245	P	emacs-25.3-3.3.18 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:70833	P	Security update for ntfs-3g_ntfsprogs (Important)	2021-09-07
oval:org.opensuse.security:def:46882	P	MozillaFirefox-45.4.0esr-81.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48202	P	libsystemd0-228-155.21 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47141	P	qemu-2.6.1-27.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48167	P	libpango-1_0-0-1.40.1-9.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47289	P	ibus-chewing-1.4.14-4.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47049	P	libmpfr4-3.1.2-7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48095	P	libasan2-32bit-5.3.1+r233831-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47003	P	libXvnc1-1.6.0-12.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48267	P	perl-LWP-Protocol-https-6.04-5.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47142	P	quagga-0.99.22.1-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48251	P	opie-2.4-724.56 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47503	P	squid-3.5.21-25.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47420	P	libtiff5-32bit-4.0.7-43.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47196	P	aaa_base-13.2+git20140911.61c1681-36.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48298	P	rsyslog-8.24.0-3.28.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47156	P	squidGuard-1.4-23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48313	P	stunnel-5.00-4.3.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47252	P	expat-2.1.0-20.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47587	P	curl-7.60.0-2.11 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47568	P	bluez-5.13-5.4.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47328	P	libXxf86vm1-1.1.3-3.53 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47277	P	gstreamer-plugins-bad-1.8.3-17.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47253	P	fetchmail-6.3.26-12.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47649	P	jakarta-taglibs-standard-1.1.1-255.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47782	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47694	P	libasan2-32bit-5.3.1+r233831-12.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47470	P	perl-YAML-LibYAML-0.38-10.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47267	P	glibc-2.22-61.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47714	P	libgssglue1-0.4-3.76 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47866	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47842	P	pam_krb5-2.4.4-4.4 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47602	P	elfutils-0.158-6.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47388	P	libotr5-4.0.0-9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47745	P	libmusicbrainz4-2.1.5-27.79 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47928	P	xorg-x11-server-1.19.6-2.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48056	P	kdump-0.8.16-9.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47805	P	libvmtools0-10.3.0-2.6 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47581	P	crash-7.2.1-2.19 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47816	P	libxslt-tools-1.1.28-16.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47993	P	dosfstools-3.0.26-6.5 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48140	P	liblcms1-1.19-17.28 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47953	P	apache2-mod_perl-2.0.8-11.43 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47713	P	libgraphite2-3-1.3.1-10.3.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:46917	P	cups-pk-helper-0.2.5-3.72 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48024	P	gnome-shell-3.20.4-77.23.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:62069	P	emacs-25.3-3.6.51 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71810	P	emacs-25.3-3.6.51 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62737	P	emacs-x11-25.3-3.6.51 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72456	P	emacs-x11-25.3-3.6.51 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:100827	P	emacs-25.3-3.6.51 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101143	P	emacs-x11-25.3-3.6.51 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:67765	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15) (Important)	2021-06-18
oval:org.opensuse.security:def:70946	P	libXdmcp-devel-1.1.2-1.23 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48454	P	krb5-1.12.5-39.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:71105	P	sudo-1.8.22-2.11 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48508	P	libjasper1-1.900.1-170.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:70897	P	emacs-25.3-1.124 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48369	P	apache2-mod_jk-1.2.40-5.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48378	P	bind-9.9.9P1-46.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46588	P	unixODBC-2.3.1-4.88 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48733	P	libgadu3-1.11.4-1.12 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48409	P	ecryptfs-utils-103-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48787	P	libfbembed2_5-2.5.2.26539-13.42 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61156	P	emacs-25.3-1.124 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46589	P	vino-3.10.1-1.81 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48480	P	libapr-util1-1.5.3-1.46 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46603	P	yast2-core-3.1.11-1.6 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46867	P	wireshark-1.12.7-15.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46724	P	libfreebl3-3.19.2.1-29.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46868	P	wpa_supplicant-2.2-8.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:64518	P	Security update for python-py (Moderate)	2021-06-04
oval:org.opensuse.security:def:69633	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:100716	P	(Important)	2021-03-24
oval:org.opensuse.security:def:103517	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:93702	P	emacs-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107081	P	emacs-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62401	P	emacs-x11-25.3-1.124 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72120	P	emacs-x11-25.3-1.124 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107382	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62512	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72231	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49033	P	libraw9-0.15.4-30.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:89862	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:61735	P	emacs-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:71476	P	emacs-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62621	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72340	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:67493	P	Security update for ldb, samba (Important)	2020-12-01
oval:org.opensuse.security:def:49343	P	tboot on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67593	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49397	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64431	P	perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67865	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49508	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66290	P	Security update for MozillaThunderbird (Important)	2020-12-01
oval:org.opensuse.security:def:72955	P	Security update for gnome-shell (Moderate)	2020-12-01
oval:org.opensuse.security:def:66382	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49563	P	libmpg123-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49617	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73073	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66591	P	perl-HTML-Parser on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73256	P	libzstd-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66683	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49087	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64159	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:70039	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:64246	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73374	P	emacs-x11 on GA media (Moderate)	2020-12-01
oval:com.ubuntu.xenial:def:201494830000000	V	CVE-2014-9483 on Ubuntu 16.04 LTS (xenial) - negligible.	2017-08-28
oval:com.ubuntu.artful:def:20149483000	V	CVE-2014-9483 on Ubuntu 17.10 (artful) - negligible.	2017-08-28
oval:com.ubuntu.xenial:def:20149483000	V	CVE-2014-9483 on Ubuntu 16.04 LTS (xenial) - negligible.	2017-08-28
oval:com.ubuntu.bionic:def:20149483000	V	CVE-2014-9483 on Ubuntu 18.04 LTS (bionic) - negligible.	2017-08-28
oval:com.ubuntu.bionic:def:201494830000000	V	CVE-2014-9483 on Ubuntu 18.04 LTS (bionic) - negligible.	2017-08-28
oval:com.ubuntu.trusty:def:20149483000	V	CVE-2014-9483 on Ubuntu 14.04 LTS (trusty) - negligible.	2017-08-28
oval:com.ubuntu.precise:def:20149483000	V	CVE-2014-9483 on Ubuntu 12.04 LTS (precise) - negligible.	2014-12-31

BACK