Lucene search
MitreCVELIST:CVE-2008-6235HistoryFeb 21, 2009 - 11:00 p.m.
CVE-2008-6235
2009-02-2123:00:00
mitre
www.cve.org
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) “D” (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases.
References
lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
secunia.com/advisories/34418
www.openwall.com/lists/oss-security/2008/10/16/2
www.openwall.com/lists/oss-security/2008/10/20/2
www.rdancer.org/vulnerablevim-netrw.html
www.rdancer.org/vulnerablevim-netrw.v2.html
www.rdancer.org/vulnerablevim-netrw.v5.html
www.redhat.com/support/errata/RHSA-2008-0580.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11247
Related
cve
cve
CVE-2008-6235
2009-02-21 23:30:00
debiancve
debiancve
CVE-2008-6235
2009-02-21 23:30:00
ubuntucve
ubuntucve
CVE-2008-6235
2009-02-21 00:00:00
prion
prion
Command injection
2009-02-21 23:30:00
nvd
nvd
CVE-2008-6235
2009-02-21 23:30:00
nessus
nessus
RHEL 5 : vim (RHSA-2008:0580)
2008-11-25 00:00:00
openSUSE Security Update : gvim (gvim-561)
2009-07-21 00:00:00
CentOS 5 : vim (CESA-2008:0580)
2010-01-06 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2008-0580)
2015-10-08 00:00:00
SUSE: Security Summary (SUSE-SR:2009:007)
2009-03-31 00:00:00
SuSE Security Summary SUSE-SR:2009:007
2009-03-31 00:00:00
centos
centos
vim security update
2008-11-26 22:22:41
oraclelinux
oraclelinux
vim security update
2008-11-25 00:00:00
redhat
redhat
(RHSA-2008:0580) Moderate: vim security update
2008-11-25 00:00:00