Amazon Linux AMI : emacs (ALAS-2017-912)
Medium Nessus Plugin ID 103825
SynopsisThe remote Amazon Linux AMI host is missing a security update.
DescriptionCommand injection flaw within 'enriched mode' handling :
A command injection flaw within the Emacs 'enriched mode' handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user. (CVE-2017-14482)
SolutionRun 'yum update emacs' to update your system.