Lucene search
K

226 matches found

Tenable Nessus
Tenable Nessus
added 2006/01/15 12:0 a.m.22 views

Ubuntu 4.10 : vim vulnerability (USN-52-1)

Ciaran McCreesh found several vulnerabilities related to the use of options in Vim modeline commands, such as 'termcap', 'printdevice', 'titleold', 'filetype', 'syntax', 'backupext', 'keymap', 'patchmode', and 'langmenu'. If an attacker tricked an user to open a file with a specially crafted...

7.2CVSS5.9AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2005/09/08 12:0 a.m.7 views

DTSA-12-1 vim - modeline exploits

Bulletin has no description...

9.3CVSS6.3AI score0.02726EPSS
Exploits1
Cent OS
Cent OS
added 2005/08/22 11:25 p.m.53 views

vim security update

CentOS Errata and Security Advisory CESA-2005:745-01 Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM VIsual editor iMproved is a version of the vi editor. A bug was found in the w...

9.3CVSS5.7AI score0.02726EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2005/08/22 2:12 p.m.29 views

Low: Red Hat Security Advisory: vim security update

Updated vim packages that fix a security issue are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM VIsual editor iMproved is a version of the vi editor. A bug was found in the way VIM processes modelines. If a user with modelines...

9.3CVSS5.7AI score0.02726EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/08/01 12:0 a.m.21 views

FreeBSD : vim -- vulnerabilities in modeline handling: glob, expand (81f127a8-0038-11da-86bc-000e0c2e438a)

Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob or expand functions. An attacker could trick an user to read or edit a trojaned file with modelines...

9.3CVSS5.9AI score0.02726EPSS
Exploits1References3
Ubuntu
Ubuntu
added 2005/07/26 10:42 p.m.27 views

USN-154-1: vim vulnerability

Georgi Guninski discovered that it was possible to construct Vim modelines that execute arbitrary shell commands by wrapping them in glob or expand function calls. If an attacker tricked an user to open a file with a specially crafted modeline, he could exploit this to execute arbitrary commands...

5.8AI score
Exploits0References1
FreeBSD
FreeBSD
added 2005/07/25 12:0 a.m.21 views

vim -- vulnerabilities in modeline handling: glob, expand

Georgi Guninski discovered a way to construct Vim modelines that execute arbitrary shell commands. The vulnerability can be exploited by including shell commands in modelines that call the glob or expand functions. An attacker could trick an user to read or edit a trojaned file with modelines...

9.3CVSS7AI score0.02726EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2005/07/13 12:0 a.m.21 views

FreeBSD : vim -- vulnerabilities in modeline handling (bd9fc2bf-5ffe-11d9-a11a-000a95bc6fae)

Ciaran McCreesh discovered news ways in which a VIM modeline can be used to trojan a text file. The patch by Bram Moolenaar reads : Problem: Unusual characters in an option value may cause unexpected behavior, especially for a modeline. Ciaran McCreesh Solution: Don't allow setting termcap option...

7.2CVSS5.3AI score0.0041EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/02/15 9:36 a.m.6 views

security flaw

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS6AI score0.0041EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/02/15 9:36 a.m.35 views

Low: Red Hat Security Advisory: vim security update

Updated vim packages that fix security vulnerabilities are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. VIM Vi IMproved is an updated and improved version of the vi screen-based editor. Ciaran McCrees...

7.2CVSS6AI score0.0041EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/01/10 5:0 a.m.22 views

CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS6AI score0.0041EPSS
Exploits0References2
OSV
OSV
added 2005/01/10 5:0 a.m.1 views

DEBIAN-CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS7.2AI score0.0041EPSS
Exploits0References1
OSV
OSV
added 2005/01/10 5:0 a.m.4 views

CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

6.9AI score
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2005/01/07 12:0 a.m.20 views

Mandrake Linux Security Advisory : vim (MDKSA-2005:003)

Several 'modeline'-related vulnerabilities were discovered in Vim by Ciaran McCreesh. The updated packages have been patched with Bram Moolenaar's vim 6.3.045 patch which fixes the reported vulnerabilities and adds more conservative 'modeline' rights. %NASLMINLEVEL 70300 C Tenable Network Securit...

7.2CVSS5.3AI score0.0041EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2005/01/06 12:0 a.m.22 views

RHEL 2.1 / 3 : vim (RHSA-2005:010)

Updated vim packages that fix a modeline vulnerability are now available. VIM Vi IMproved is an updated and improved version of the vi screen-based editor. Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially...

7.2CVSS5.7AI score0.0041EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2005/01/05 3:38 p.m.4 views

security flaw

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

7.2CVSS6AI score0.0041EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/01/05 3:38 p.m.34 views

Low: Red Hat Security Advisory: vim security update

Updated vim packages that fix a modeline vulnerability are now available. VIM Vi IMproved is an updated and improved version of the vi screen-based editor. Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially...

7.2CVSS6AI score0.0041EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2004/12/23 10:54 p.m.40 views

USN-52-1: vim vulnerability

Ciaran McCreesh found several vulnerabilities related to the use of options in Vim modeline commands, such as 'termcap', 'printdevice', 'titleold', 'filetype', 'syntax', 'backupext', 'keymap', 'patchmode', and 'langmenu'. If an attacker tricked an user to open a file with a specially crafted...

7.2CVSS5.7AI score0.0041EPSS
Exploits0
Cvelist
Cvelist
added 2004/12/22 5:0 a.m.24 views

CVE-2004-1138

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...

6.8AI score0.0041EPSS
Exploits0References7
CVE
CVE
added 2004/12/22 5:0 a.m.65 views

CVE-2004-1138

CVE-2004-1138 affects Vim and GVim up to version 6.3. A crafted modeline can be executed when a file is viewed with certain options (termcap, printdevice, titleold, filetype, syntax, backupext, keymap, patchmode, langmenu), enabling local command execution with the user’s privileges. Mitigations/...

7.2CVSS6.8AI score0.0041EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder