{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-04T14:28:03.349","vulnerabilities":[{"cve":{"id":"CVE-2012-0035","sourceIdentifier":"secalert@redhat.com","published":"2012-01-19T15:55:00.943","lastModified":"2026-04-29T01:13:23.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Untrusted search path vulnerability in EDE in CEDET before 1.0.1, as used in GNU Emacs before 23.4 and other products, allows local users to gain privileges via a crafted Lisp expression in a Project.ede file in the directory, or a parent directory, of an opened file."},{"lang":"es","value":"Una vulnerabilidad de ruta de búsqueda no confiable en EDE en CEDET antes de v1.0.1, tal como se utiliza en GNU Emacs antes de v23.4 y otros productos, permite a usuarios locales conseguir privilegios a través de una expresión Lisp modificada en un archivo Project.ede en el directorio, o en el directorio padre, de un archivo abierto."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0","matchCriteriaId":"81840C8F-0D7C-46B0-8BF2-328DF34AD6B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta1:*:*:*:*:*:*","matchCriteriaId":"7A64840D-EDD2-4776-8F76-108A85604524"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta2:*:*:*:*:*:*","matchCriteriaId":"AD9BFD76-DBD0-4FA7-AC95-9ED86F041840"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:beta3:*:*:*:*:*:*","matchCriteriaId":"C249F7CC-3524-4CA2-B838-F659B825BB1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre1:*:*:*:*:*:*","matchCriteriaId":"97721CF9-7FE5-4A35-9982-7A358D707149"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre2:*:*:*:*:*:*","matchCriteriaId":"98E05598-6322-4EAA-9BFF-B8A7DE63E959"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre3:*:*:*:*:*:*","matchCriteriaId":"D62A1EF8-7EF8-4AEA-91A9-F47FD72D52DD"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre4:*:*:*:*:*:*","matchCriteriaId":"814A737D-C0C5-405E-AFF6-EB554AE4151A"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre6:*:*:*:*:*:*","matchCriteriaId":"40CF2404-803C-478C-9111-FFA9173C89B7"},{"vulnerable":true,"criteria":"cpe:2.3:a:eric_m_ludlam:cedet:1.0:pre7:*:*:*:*:*:*","matchCriteriaId":"A30EB0E8-2CB4-4EC5-A280-3CF3BDBEC969"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:*:*:*:*:*:*:*:*","versionEndIncluding":"23.3","matchCriteriaId":"6D2680B3-7AE8-47E3-9027-9CFB19292AC4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.0:*:*:*:*:*:*:*","matchCriteriaId":"E460F3A1-71DD-4A37-9F17-6B4E5C9A46AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.1:*:*:*:*:*:*:*","matchCriteriaId":"0F9D5B3C-7534-4DC6-BE44-91A0031FBA6C"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.2:*:*:*:*:*:*:*","matchCriteriaId":"4EB2E29F-371A-43AB-8CBF-DDFABDB103BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.3:*:*:*:*:*:*:*","matchCriteriaId":"05F6124D-F3C1-4E4C-B580-85AB01833885"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.4:*:*:*:*:*:*:*","matchCriteriaId":"9571E866-AB82-4B95-8097-ED0DA038331F"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.5:*:*:*:*:*:*:*","matchCriteriaId":"3A773690-9650-40E1-BCE3-7E020AF61BCD"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.6:*:*:*:*:*:*:*","matchCriteriaId":"26D9A554-CB40-461D-9C95-78051B0CA354"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:20.7:*:*:*:*:*:*:*","matchCriteriaId":"0AFE5D6E-1979-4CF2-ACE0-BB6F31F80434"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21:*:*:*:*:*:*:*","matchCriteriaId":"7731A395-328A-4435-A388-1419224A4256"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21.1:*:*:*:*:*:*:*","matchCriteriaId":"05BDDB87-0AFF-4BDC-995A-94F221ED3641"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21.2:*:*:*:*:*:*:*","matchCriteriaId":"F9ADBEE6-3B38-4284-B9F8-37F7FFEBDE81"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21.2.1:*:*:*:*:*:*:*","matchCriteriaId":"C4389884-70D2-4915-80A7-CFA4A420A024"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21.3:*:*:*:*:*:*:*","matchCriteriaId":"EA95B19B-F35D-4644-9E75-5A138A960C10"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21.3.1:*:*:*:*:*:*:*","matchCriteriaId":"DE5CB6EB-74D8-4CA8-8B86-08E06859E2E4"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:21.4:*:*:*:*:*:*:*","matchCriteriaId":"FC7E9FE5-E87C-440B-A16E-327501BC8977"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:22.1:*:*:*:*:*:*:*","matchCriteriaId":"9ADF55EE-0F79-414A-B701-14DDA1C9C3B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:22.2:*:*:*:*:*:*:*","matchCriteriaId":"37E5A757-C2C8-49D4-AFCD-156CCF4B7262"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:22.3:*:*:*:*:*:*:*","matchCriteriaId":"F1D047EC-2354-430D-B44C-FE8574F7617B"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:23.1:*:*:*:*:*:*:*","matchCriteriaId":"99B66AEA-D831-4A17-A7D6-4DEDA28985C2"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:23.2:*:*:*:*:*:*:*","matchCriteriaId":"944A2F7B-375B-4466-8A98-934123C209FD"},{"vulnerable":true,"criteria":"cpe:2.3:a:gnu:emacs:23.4:*:*:*:*:*:*:*","matchCriteriaId":"D9948287-D8A4-4B29-9240-FCD25E73B00D"}]}]}],"references":[{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.html","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.html","source":"secalert@redhat.com"},{"url":"http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://openwall.com/lists/oss-security/2012/01/10/2","source":"secalert@redhat.com","tags":["Patch"]},{"url":"http://openwall.com/lists/oss-security/2012/01/10/4","source":"secalert@redhat.com"},{"url":"http://secunia.com/advisories/47311","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/47515","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/50801","source":"secalert@redhat.com"},{"url":"http://sourceforge.net/mailarchive/message.php?msg_id=28649762","source":"secalert@redhat.com"},{"url":"http://sourceforge.net/mailarchive/message.php?msg_id=28657612","source":"secalert@redhat.com"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:076","source":"secalert@redhat.com"},{"url":"http://www.ubuntu.com/usn/USN-1586-1","source":"secalert@redhat.com"},{"url":"https://security.gentoo.org/glsa/201812-05","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072285.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072288.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.gnu.org/archive/html/emacs-devel/2012-01/msg00387.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://openwall.com/lists/oss-security/2012/01/10/2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://openwall.com/lists/oss-security/2012/01/10/4","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/47311","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/47515","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://secunia.com/advisories/50801","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://sourceforge.net/mailarchive/message.php?msg_id=28649762","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://sourceforge.net/mailarchive/message.php?msg_id=28657612","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:076","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.ubuntu.com/usn/USN-1586-1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://security.gentoo.org/glsa/201812-05","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorComment":"Per: http://cwe.mitre.org/data/definitions/426.html\r\n\r\n'CWE-426: Untrusted Search Path'"}}]}