CVE-2007-5795

Name of the Vulnerable Software and Affected Versions Emacs versions prior to 22.2

Description The issue concerns the hack-local-variables function, which does not properly search lists of unsafe or risky variables when enable-local-variables is set to :safe. This could allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a Local variables declaration.

Recommendations For Emacs versions prior to 22.2, update to version 22.2 or later to resolve the issue.