Arbitrary File Read Vulnerability in Notmuch Emacs Interface

Arbitrary File Read Vulnerability in Notmuch Emacs Interface

CVE-2012-1103 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

emacs/notmuch-mua.el in Notmuch before 0.11.1, when using the Emacs interface, allows user-assisted remote attackers to read arbitrary files via crafted MML tags, which are not properly quoted in an email reply cna cause the files to be attached to the message.

Learn more about our User Device Pen Test.