MiracleLinux 7 : vim-7.4.160-1.el7.1 (AXSA:2016-1205:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1205:01 advisory. VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular...

MiracleLinux 4 : vim-7.4.629-5.AXS4.1 (AXSA:2016-1206:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-1206:01 advisory. VIM VIsual editor iMproved is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular...

Linux Distros Unpatched Vulnerability : CVE-2016-1248

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary co...

RHEL 5 : vim (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: Integer overflow at an unserializeuep memory allocation site CVE-2017-6350 - Untrusted search path...

K22183127: Vim vulnerability CVE-2016-1248

Security Advisory Description vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. CVE-2016-1248 Impact A local attacker may abuse...

Mageia: Security Advisory (MGASA-2017-0275)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2938-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2942-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2017-1033)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2017-1034)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: A vulnerability in vim affects PowerKVM

Summary PowerKVM is affected by a vulnerability in vim. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2016-1248 DESCRIPTION: Vim could allow a local attacker to execute arbitrary code on the system, caused by the improper validation of the 'filetype', 'syntax' and...

F5 Networks BIG-IP : Vim vulnerability (K22183127)

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. CVE-2016-1248 C Tenable Network Security, Inc. The descriptive text and package...

Updated vim packages fix security vulnerabilities

Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened CVE-2016-1248. A...

EulerOS 2.0 SP2 : vim (EulerOS-SA-2017-1034)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelin...

EulerOS 2.0 SP1 : vim (EulerOS-SA-2017-1033)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelin...

Apple Mac OS X Multiple Vulnerabilities-02 (Feb 2017)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for vim (openSUSE-SU-2016:2993-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Vim modelines Remote Command Execution (CVE-2016-1248)

A remote code execution vulnerability exists in the modeline component of Vim due to insufficient input validation when parsing the filetype, syntax, and keymap options in modelines. A remote unauthenticated attacker can exploit this vulnerability by enticing a user to open a file containing a...

FreeBSD : vim -- arbitrary command execution (c11629d3-c8ad-11e6-ae1b-002590263bf5)

Mitre reports : vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

OracleVM 3.3 / 3.4 : vim (OVMSA-2016-0182)

The remote OracleVM system is missing necessary patches to address critical security updates : - add fix for CVE-2016-1248 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The package checks in this plugin were extracted from OracleVM Security Advisory OVMSA-2016-0182...