11 matches found
RHEL 5 : vim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: Integer overflow at an unserializeuep memory allocation site CVE-2017-6350 - Untrusted search path...
openSUSE Security Update : gvim (gvim-561)
The VI Improved editor vim was updated to version 7.2.108 to fix various security problems and other bugs. CVE-2008-4677: The netrw plugin sent credentials to all servers. CVE-2009-0316: The python support used a search path including the current directory, allowing code injection when python cod...
Mandriva Linux Security Advisory : vim (MDVSA-2009:047-1)
Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Vim working directory CVE-2009-0316. This update...
Mandrake Security Advisory MDVSA-2009:047-1 (vim)
The remote host is missing an update to vim announced via advisory MDVSA-2009:047-1. OpenVAS Vulnerability Test $Id: mdksa20090471.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:047-1 vim Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Mandrake Security Advisory MDVSA-2009:047 (vim)
The remote host is missing an update to vim announced via advisory MDVSA-2009:047. OpenVAS Vulnerability Test $Id: mdksa2009047.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:047 vim Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...
Vim PySys_SetArgv函数本地命令执行漏洞
BUGTRAQ ID: 33447 CVECAN ID: CVE-2009-0316 VIM是一款免费开放源代码文本编辑器,可使用在Unix/Linux操作系统下。 VIM的python接口使用argv0调用PySysSetArgv函数。由于Python对sys.path变量附加了空字符串,如果工作目录中的文件名匹配VIM试图导入的python模块名,就可能允许本地用户在系统中执行任意代码。 VIM Development Group VIM...
[ MDVSA-2009:047 ] vim
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2009:047 http://www.mandriva.com/security/ Package : vim Date : February 20, 2009 Affected: 2008.1, 2009.0, Corporate 3.0, Corporate 4.0 Problem Description: Python has a variable called sys.path that contains al...
CVE-2009-0316
Untrusted search path vulnerability in src/ifpython.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983, as demonstrated ...
CVE-2009-0316
Untrusted search path vulnerability in src/ifpython.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983, as demonstrated ...
CVE-2009-0316
CVE-2009-0316 describes an untrusted search path vulnerability in Vim’s Python interface (src/if_python.c). Vim versions before 7.2.045 are affected. The PySys_SetArgv API behavior prepends an empty string to sys.path when argv[0] lacks a path separator, enabling local users to execute arbitrary ...
CVE-2009-0316
Untrusted search path vulnerability in src/ifpython.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983, as demonstrated ...