Lucene search

MitreCVE-2001-0408

HistorySep 18, 2001 - 4:00 a.m.

CVE-2001-0408

2001-09-1804:00:00

mitre

web.nvd.nist.gov

cve-2001-0408

gvim

vim control codes

arbitrary command execution

nvd

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.004

Percentile

72.8%

JSON

vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.

Affected configurations

Nvd

Node

vim_development_groupvimMatch5.7

VendorProductVersionCPE
vim_development_groupvim5.7cpe:2.3:a:vim_development_group:vim:5.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
vim_development_group	vim	5.7	cpe:2.3:a:vim_development_group:vim:5.7:::::::*

References

marc.info/?l=bugtraq&m=98593106111968&w=2

www.calderasystems.com/support/security/advisories/CSSA-2001-014.0.txt

www.linux-mandrake.com/en/security/2001/MDKSA-2001-035.php3

www.novell.com/linux/security/advisories/2001_012_vim.html

www.redhat.com/support/errata/RHSA-2001-008.html

www.securityfocus.com/bid/2510

exchange.xforce.ibmcloud.com/vulnerabilities/6259

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.004

Percentile

72.8%

JSON

Related for CVE-2001-0408