Vulnerability/
CVE-2007-2833

CVE-2007-2833: High severity Debian Debian Linux vulnerability

Published Jun 21, 2007

·

Updated

Emacs 21 allows user-assisted attackers to cause a denial of service (crash) via certain crafted images, as demonstrated via a GIF image in vm mode, related to image size calculation.

Affected Software

20 affected components

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Debian Debian Linux=4.0

Mandrakesoft Mandrake Linux=2007

Mandrakesoft Mandrake Linux=2007

Mandrakesoft Mandrake Linux=2007.1

Mandrakesoft Mandrake Linux Corporate Server=3.0

Mandrakesoft Mandrake Linux Corporate Server=3.0

Mandrakesoft Mandrake Linux Corporate Server=4.0

Mandrakesoft Mandrake Linux Corporate Server=4.0

GNU Emacs=21

Event History

Jun 21, 2007

CVE Published

via MITRE·08:00 PM

Data Sourced

via MITRE·08:00 PM

Description

Data Sourced

08:30 PM

DescriptionWeaknessAffected Software

Frequently Asked Questions

1

What is the severity of CVE-2007-2833?

CVE-2007-2833 has a severity rating categorized as low due to its nature of causing a denial of service (crash) under user-assisted conditions.

2

How do I fix CVE-2007-2833?

To fix CVE-2007-2833, update Emacs to a version where this vulnerability is patched, specifically versions beyond 21.

3

What software is affected by CVE-2007-2833?

CVE-2007-2833 affects GNU Emacs version 21 across various distributions of Debian Linux.

4

What are the symptoms of CVE-2007-2833 exploitation?

The exploitation of CVE-2007-2833 may result in Emacs crashing when processing certain crafted image files.

5

Is CVE-2007-2833 still a threat today?

CVE-2007-2833 is less of a threat today as it pertains to older versions of Emacs, but users of outdated software should still be cautious.

CVSS Score

7.8High

High Severity

AV:N/AC:L/Au:N/C:N/I:N/A:C

Security Metrics

Risk Score44

Severityhigh(7.8)

CWE

NVD-CWE-Other

Timeline

PublishedJun 21, 2007

Updated

References

Tags

collector/nvd-historicalagent/typeagent/eventagent/last-modified-dateagent/first-publish-dateagent/referencesagent/severityagent/weaknessagent/authoragent/descriptioncollector/nvd-indexagent/software-canonical-lookup-requestagent/softwarecombineagent/risk-scoreagent/tagscollector/mitre-cvesource/MITREagent/sourcevendor/debiancanonical/debian debian linuxversion/debian debian linux/4.0vendor/mandrakesoftcanonical/mandrakesoft mandrake linuxversion/mandrakesoft mandrake linux/2007version/mandrakesoft mandrake linux/2007.1canonical/mandrakesoft mandrake linux corporate serverversion/mandrakesoft mandrake linux corporate server/3.0version/mandrakesoft mandrake linux corporate server/4.0vendor/gnucanonical/gnu emacsversion/gnu emacs/21

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203