Lucene search

K
freebsdFreeBSD1ED03222-3C65-11DC-B3D3-0016179B2DD5
HistoryJul 27, 2007 - 12:00 a.m.

vim -- Command Format String Vulnerability

2007-07-2700:00:00
vuxml.freebsd.org
24

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.331

Percentile

97.1%

A Secunia Advisory reports:

A format string error in the β€œhelptags_one()” function in
src/ex_cmds.c when running the β€œhelptags” command can be exploited
to execute arbitrary code via specially crafted help files.

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.331

Percentile

97.1%