ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| dapper | not-affected | build-time problem only |
| devel | not-affected | build-time problem only |
| feisty | not-affected | build-time problem only |
| gutsy | not-affected | build-time problem only |
| hardy | not-affected | build-time problem only |
| upstream | released |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
Π‘ΡΡΠ»ΠΊΠΈ Π½Π° ΠΈΡΡΠΎΡΠ½ΠΈΠΊΠΈ
EPSS
3.7 Low
CVSS2
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
src/configure.in in Vim 5.0 through 7.1, when used for a build with Py ...
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
EPSS
3.7 Low
CVSS2