4 matches found
SUSE CVE-2008-6235
The Netrw plugin netrw.vim in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the 1 "D" delete command or 2 b:netrwcurdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases...
Oracle: Security Advisory (ELSA-2008-0580)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : gvim (gvim-561)
The VI Improved editor vim was updated to version 7.2.108 to fix various security problems and other bugs. CVE-2008-4677: The netrw plugin sent credentials to all servers. CVE-2009-0316: The python support used a search path including the current directory, allowing code injection when python cod...
CVE-2008-6235
CVE-2008-6235 affects Vim 7.0/7.1 through the netrw.vim plugin, which allows command execution via shell metacharacters in filenames used by the D (delete) command or b:netrw_curdir. Exploitation could lead to arbitrary code execution. Public fixes exist (e.g., advisories RHSA-2008:0580 and OpenS...