FreeBSD : emacs -- enriched text remote code execution vulnerability (47e2e52c-975c-11e7-942d-5404a68a61a2)
High Nessus Plugin ID 103152
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionPaul Eggert reports :
Charles A. Roelli has found a security flaw in the enriched mode in GNU Emacs.
When Emacs renders MIME text/enriched data (Internet RFC 1896), it is vulnerable to arbitrary code execution. Since Emacs-based mail clients decode 'Content-Type: text/enriched', this code is exploitable remotely. This bug affects GNU Emacs versions 19.29 through 25.2.
SolutionUpdate the affected packages.