12 matches found
CVE-2007-2438
creationtimestamp| type| source ---|---|--- 2025-04-10 19:09:41+00:00| seen| https://gist.github.com/eduardoarakaki/a203f83ced3b0992af6de67c2eeeb7a3...
Oracle: Security Advisory (ELSA-2007-0346)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 5 : Moderate: / vim (ELSA-2007-0346)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-0346 advisory. 7.0.109-3.3 - use gzip -9n to avoid multilib fileconflicts 7.0.109-3.2 - Let 'modeline' default to off for root - Resolves: bz238259 7.0.109-3.1 - fix modeline...
Ubuntu Update for vim vulnerability USN-463-1
Ubuntu Update for Linux kernel vulnerabilities USN-463-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4631.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for vim vulnerability USN-463-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.n...
Debian Security Advisory DSA 1364-1 (vim)
The remote host is missing an update to vim announced via advisory DSA 1364-1. OpenVAS Vulnerability Test $Id: deb13641.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1364-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1364-2)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 10 Security Update : vim (vim-3410)
Files with VIM modelines could call some unsafe VIM functions CVE-2007-2438. Modelines are disabled in the default config /etc/vimrc of openSUSE though. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securit...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2438. Reason: This candidate is a duplicate of CVE-2007-2438. Notes: All CVE users should reference CVE-2007-2438 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-2653
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2007-2438. Reason: This candidate is a duplicate of CVE-2007-2438. Notes: All CVE users should reference CVE-2007-2438 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2007-2653
CVE-2007-2653 is rejected; refer to CVE-2007-2438 instead; not an active vulnerability entry.
CVE-2007-2438
The sandbox for vim allows dangerous functions such as 1 writefile, 2 feedkeys, and 3 system, which might allow user-assisted attackers to execute shell commands and write files via modelines...
CVE-2007-2438
CVE-2007-2438 targets Vim’s sandbox, where modeline parsing grants access to dangerous functions (writefile, feedkeys, system), enabling user-assisted execution of shell commands and file writes. The issue affects Vim components exposed to modelines and has been addressed in multiple advisories a...