4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
5.7%
VIM (Vi IMproved) is an updated and improved version of the vi screen-based
editor.
The Debian Security Audit Project discovered an insecure temporary file
usage in VIM. A local user could overwrite or create files as a different
user who happens to run one of the the vulnerable utilities. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0069 to this issue.
All users of VIM are advised to upgrade to these erratum packages, which
contain a backported patche for this issue.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ppc | vim-enhanced | < 6.3.046-0.30E.3 | vim-enhanced-6.3.046-0.30E.3.ppc.rpm |
RedHat | any | ia64 | vim-x11 | < 6.3.046-0.30E.3 | vim-X11-6.3.046-0.30E.3.ia64.rpm |
RedHat | any | ia64 | vim-minimal | < 6.3.046-0.30E.3 | vim-minimal-6.3.046-0.30E.3.ia64.rpm |
RedHat | any | i386 | vim-common | < 6.0-7.21 | vim-common-6.0-7.21.i386.rpm |
RedHat | any | i386 | vim-enhanced | < 6.0-7.21 | vim-enhanced-6.0-7.21.i386.rpm |
RedHat | any | i386 | vim-enhanced | < 6.3.046-0.30E.3 | vim-enhanced-6.3.046-0.30E.3.i386.rpm |
RedHat | any | i386 | vim-common | < 6.3.046-0.30E.3 | vim-common-6.3.046-0.30E.3.i386.rpm |
RedHat | any | ia64 | vim-enhanced | < 6.3.046-0.30E.3 | vim-enhanced-6.3.046-0.30E.3.ia64.rpm |
RedHat | any | x86_64 | vim-minimal | < 6.3.046-0.30E.3 | vim-minimal-6.3.046-0.30E.3.x86_64.rpm |
RedHat | any | i386 | vim-minimal | < 6.3.046-0.30E.3 | vim-minimal-6.3.046-0.30E.3.i386.rpm |