[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

USN-712-1 -- vim vulnerabilities

ID: oval:org.secpod.oval:def:700348Date: (C)2011-05-13   (M)2017-10-04
Class: PATCHFamily: unix




Jan Minar discovered that Vim did not properly sanitize inputs before invoking the execute or system functions inside Vim scripts. If a user were tricked into running Vim scripts with a specially crafted input, an attacker could execute arbitrary code with the privileges of the user invoking the program. Ben Schmidt discovered that Vim did not properly escape characters when performing keyword or tag lookups. If a user were tricked into running specially crafted commands, an attacker could execute arbitrary code with the privileges of the user invoking the program

Platform:
Ubuntu 7.10
Ubuntu 8.04
Ubuntu 6.06
Ubuntu 8.10
Product:
vim
Reference:
USN-712-1
CVE-2008-2712
CVE-2008-4101
CVE    2
CVE-2008-2712
CVE-2008-4101
CPE    1
cpe:/o:ubuntu:ubuntu_linux:8.04

© 2013 SecPod Technologies