9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.007 Low
EPSS
Percentile
80.8%
CentOS Errata and Security Advisory CESA-2005:745-01
VIM (VIsual editor iMproved) is a version of the vi editor.
A bug was found in the way VIM processes modelines. If a user with
modelines enabled opens a text file with a carefully crafted modeline,
arbitrary commands may be executed as the user running VIM. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2005-2368
to this issue.
Users of VIM are advised to upgrade to these updated packages, which
resolve this issue.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2005-August/074248.html
Affected packages:
vim-X11
vim-common
vim-enhanced
vim-minimal
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 2 | i386 | vim-x11 | < 6.0-7.22 | vim-X11-6.0-7.22.i386.rpm |
CentOS | 2 | i386 | vim-common | < 6.0-7.22 | vim-common-6.0-7.22.i386.rpm |
CentOS | 2 | i386 | vim-enhanced | < 6.0-7.22 | vim-enhanced-6.0-7.22.i386.rpm |
CentOS | 2 | i386 | vim-minimal | < 6.0-7.22 | vim-minimal-6.0-7.22.i386.rpm |