CVE-2008-4191

Name of the Vulnerable Software and Affected Versions Emacspeak versions 26 through 28

Description The issue allows local users to overwrite arbitrary files via a symlink attack on the extract-table.csv temporary file.

Recommendations For Emacspeak versions 26 through 28, consider restricting access to the extract-table.pl script until a patch is available. As a temporary workaround, avoid using the extract-table.pl script in Emacspeak versions 26 through 28 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.