Download
| Alert*
|
oval:org.secpod.oval:def:89045291
This update for vim fixes the following security issues: - Fixed CVE-2016-1248, an arbitrary command execution vulnerability oval:org.secpod.oval:def:1800916 A vulnerability was found in Vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline. This is due to lack of validation of values for a few options. Those options" values are then used in Vim"s scripts to build a command string that"s evaluated by : ... oval:org.secpod.oval:def:89048081 This update for vim fixes the following issues: Updated to version 9.0.0814: * Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow * Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483. * Fixing bsc#1203509 VUL-1: CVE- ... oval:org.secpod.oval:def:38800 The host is installed with Apple Mac OS X or Server 10.12.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle certain modeline options. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:1501708 Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running ... oval:org.secpod.oval:def:204062 Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user runnin ... oval:org.secpod.oval:def:204064 Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user runnin ... oval:org.secpod.oval:def:1600486 A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim oval:org.secpod.oval:def:2100745 vim before patch 8.0.0056 does not properly validate values for the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. oval:org.secpod.oval:def:501950 Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user runnin ... oval:org.secpod.oval:def:89045234 This update for vim fixes the following security issues: - Fixed CVE-2016-1248 an arbitrary command execution vulnerability This update for vim fixes the following issues: - Fix build with Python 3.5 oval:org.secpod.oval:def:51676 vim: Vi IMproved - enhanced vi editor Vim could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:703368 vim: Vi IMproved - enhanced vi editor Vim could be made run programs as your login if it opened a specially crafted file. oval:org.secpod.oval:def:1501712 Vim is an updated and improved version of the vi editor. Security Fix: * A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running ... oval:org.secpod.oval:def:602680 Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. oval:org.secpod.oval:def:38789 The host is missing a security update according to Apple advisory, APPLE-SA-2017-01-23-2. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |
