4 matches found
VIM Information Disclosure Vulnerability
VIM is an open source, configurable text editor for creating and changing any type of text, which can be used on most UNIX systems and Apple OS X. It can be used on most UNIX systems. A security vulnerability exists in VIM version 8.0.1187 that stems from the program's failure to use a mask when...
CVE-2017-1000382
VIM version 8.0.1187 and other versions most likely ignores umask when creating a swap file "ORIGINALFILENAME.swp" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary...
CVE-2017-1000382
VIM version 8.0.1187 and other versions most likely ignores umask when creating a swap file "ORIGINALFILENAME.swp" resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary...
CVE-2017-1000382
CVE-2017-1000382 is tied to Vim prior to patch levels where 8.0.1187 (and likely other versions) ignores umask when creating a swap file named .swp, causing the swap file to be world-readable or accessible in ways not intended by the user running vim. The connected sources confirm this specific ...