cpe:/a:vim:vim:3.0 cpe:/a:vim:vim:4.0 cpe:/a:vim:vim:5.0 cpe:/a:vim:vim:5.1 cpe:/a:vim:vim:5.2 cpe:/a:vim:vim:5.3 cpe:/a:vim:vim:5.4 cpe:/a:vim:vim:5.5 cpe:/a:vim:vim:5.6 cpe:/a:vim:vim:5.7 cpe:/a:vim:vim:5.8 cpe:/a:vim:vim:6.0 cpe:/a:vim:vim:6.1 cpe:/a:vim:vim:6.2 cpe:/a:vim:vim:6.3 cpe:/a:vim:vim:6.4 cpe:/a:vim:vim:7.0 cpe:/a:vim:vim:7.1 cpe:/a:vim:vim:7.2 CVE-2008-4101 2008-09-18T13:59:32.877-04:00 2017-09-28T21:32:00.117-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-09-19T07:58:00.000-04:00 BUGTRAQ 20080822 Vim: Arbitrary Code Execution in Commands: K, Control-], g] BUGTRAQ 20080825 RE: Arbitrary Code Execution in Commands: K, Control-], g] BUGTRAQ 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim BID 30795 SECUNIA 31592 BID 31681 SECUNIA 32222 SECUNIA 32858 SECUNIA 32864 SECUNIA 33410 VUPEN ADV-2008-2780 VUPEN ADV-2009-0033 VUPEN ADV-2009-0904 APPLE APPLE-SA-2008-10-09 APPLE APPLE-SA-2010-03-29-1 MANDRIVA MDVSA-2008:236 REDHAT RHSA-2008:0580 REDHAT RHSA-2008:0617 REDHAT RHSA-2008:0618 UBUNTU USN-712-1 MLIST [oss-security] 20080911 Re: [oss-list] CVE request (vim) MLIST [oss-security] 20080911 [oss-list] CVE request (vim) MLIST [oss-security] 20080915 Re: [oss-list] CVE request (vim) MLIST [vim-dev] 20080903 Patch 7.2.010 MLIST [vim_dev] 20080824 Bug with v_K and potentially K command MISC http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2 MISC http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2 MISC http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e CONFIRM http://support.apple.com/kb/HT3216 CONFIRM http://support.apple.com/kb/HT4077 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2008-457.htm CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm MISC http://www.rdancer.org/vulnerablevim-K.html CONFIRM http://www.vmware.com/security/advisories/VMSA-2009-0004.html CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=461927 XF vim-normal-command-execution(44626) Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.