Insecure Backup File Creation in GNU Emacs
CVE-2017-1000383 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
GNU Emacs version 25.3.1 (and other versions most likely) ignores umask when creating a backup save file ("[ORIGINAL_FILENAME]~") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the emacs binary.
Learn more about our User Device Pen Test.