← volver
CVE-2007-2438

CVE-2007-2438

EPSS 3.2%
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://attrition.org/pipermail/vim/2007-May/001614.htmlhttp://marc.info/?l=vim-dev&m=117762581821298&w=2http://marc.info/?l=vim-dev&m=117778983714029&w=2http://osvdb.org/36250https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238259http://secunia.com/advisories/25024http://secunia.com/advisories/25159http://secunia.com/advisories/25182http://secunia.com/advisories/25255http://secunia.com/advisories/25367http://secunia.com/advisories/25432http://secunia.com/advisories/26653