Описание
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | build-time problem only |
| devel | not-affected | build-time problem only |
| feisty | not-affected | build-time problem only |
| gutsy | not-affected | build-time problem only |
| hardy | not-affected | build-time problem only |
| upstream | released |
Показывать по
Ссылки на источники
EPSS
3.7 Low
CVSS2
Связанные уязвимости
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ...
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
EPSS
3.7 Low
CVSS2