9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.011 Low
EPSS
Percentile
82.6%
Vim (Visual editor IMproved) is an updated and improved version of the vi
editor.
Several input sanitization flaws were found in Vim’s keyword and tag
handling. If Vim looked up a document’s maliciously crafted tag or keyword,
it was possible to execute arbitrary code as the user running Vim.
(CVE-2008-4101)
Several input sanitization flaws were found in various Vim system
functions. If a user opened a specially crafted file, it was possible to
execute arbitrary code as the user running Vim. (CVE-2008-2712)
All Vim users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | vim-minimal | < 6.0-7.25 | vim-minimal-6.0-7.25.ia64.rpm |
RedHat | any | ia64 | vim-common | < 6.0-7.25 | vim-common-6.0-7.25.ia64.rpm |
RedHat | any | i386 | vim-x11 | < 6.0-7.25 | vim-X11-6.0-7.25.i386.rpm |
RedHat | any | ia64 | vim-x11 | < 6.0-7.25 | vim-X11-6.0-7.25.ia64.rpm |
RedHat | any | i386 | vim-common | < 6.0-7.25 | vim-common-6.0-7.25.i386.rpm |
RedHat | any | i386 | vim-enhanced | < 6.0-7.25 | vim-enhanced-6.0-7.25.i386.rpm |
RedHat | any | i386 | vim-minimal | < 6.0-7.25 | vim-minimal-6.0-7.25.i386.rpm |
RedHat | any | ia64 | vim-enhanced | < 6.0-7.25 | vim-enhanced-6.0-7.25.ia64.rpm |