Описание
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-2438
- https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238259
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34012
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9876
- http://attrition.org/pipermail/vim/2007-May/001614.html
- http://marc.info/?l=vim-dev&m=117762581821298&w=2
- http://marc.info/?l=vim-dev&m=117778983714029&w=2
- http://osvdb.org/36250
- http://secunia.com/advisories/25024
- http://secunia.com/advisories/25159
- http://secunia.com/advisories/25182
- http://secunia.com/advisories/25255
- http://secunia.com/advisories/25367
- http://secunia.com/advisories/25432
- http://secunia.com/advisories/26653
- http://tech.groups.yahoo.com/group/vimannounce/message/178
- http://tech.groups.yahoo.com/group/vimdev/message/46627
- http://tech.groups.yahoo.com/group/vimdev/message/46645
- http://tech.groups.yahoo.com/group/vimdev/message/46658
- http://www.attrition.org/pipermail/vim/2007-August/001770.html
- http://www.debian.org/security/2007/dsa-1364
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:101
- http://www.novell.com/linux/security/advisories/2007_12_sr.html
- http://www.redhat.com/support/errata/RHSA-2007-0346.html
- http://www.securityfocus.com/archive/1/467202/100/0/threaded
- http://www.securityfocus.com/bid/23725
- http://www.securitytracker.com/id?1018035
- http://www.trustix.org/errata/2007/0017
- http://www.ubuntu.com/usn/usn-463-1
- http://www.vim.org/news/news.php
- http://www.vupen.com/english/advisories/2007/1599
EPSS
CVE ID
Связанные уязвимости
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
The sandbox for vim allows dangerous functions such as (1) writefile, ...
EPSS