Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2002-1377HistoryDec 23, 2002 - 5:00 a.m.
CVE-2002-1377
2002-12-2305:00:00
Debian Security Bug Tracker
security-tracker.debian.org
8
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
24.3%
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | vim | < 6.1.263-1 | vim_6.1.263-1_all.deb |
| Debian | 11 | all | vim | < 6.1.263-1 | vim_6.1.263-1_all.deb |
| Debian | 10 | all | vim | < 6.1.263-1 | vim_6.1.263-1_all.deb |
| Debian | 999 | all | vim | < 6.1.263-1 | vim_6.1.263-1_all.deb |
| Debian | 13 | all | vim | < 6.1.263-1 | vim_6.1.263-1_all.deb |
Related
redhat
redhat
(RHSA-2002:302) vim security update
2003-02-06 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : vim (MDKSA-2003:012)
2004-07-31 00:00:00
RHEL 2.1 : vim (RHSA-2002:302)
2004-07-06 00:00:00
cve
cve
CVE-2002-1377
2002-12-23 05:00:00
exploitpack
exploitpack
Vim 8.1.1365 Neovim 0.3.6 - Arbitrary Code Execution
2019-06-04 00:00:00
exploitdb
exploitdb
Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution
2019-06-04 00:00:00
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
24.3%
Related for DEBIANCVE:CVE-2002-1377