8172 matches found
FreeBSD Ports: vim, vim-lite, vim-ruby, vim6, vim6-ruby
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: vim, vim-lite, vim-ruby, vim6, vim6-ruby
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: vim, vim-lite, vim+ruby
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: vim, vim-lite, vim+ruby
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
vim multiple security vulnerabilities
Code execution on file open...
Vim: Arbitrary Code Execution in Commands: K, Control-], g]
Vim: Arbitrary Code Execution in Commands: K, Control-, g 1. SUMMARY Product : Vim -- Vi IMproved Versions : 3.0--current, possibly older Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-K.html Insufficient sanitization can lead to Vim executing...
vim-sanitize.txt
Vim: Arbitrary Code Execution in Commands: K, Control-, g 1. SUMMARY Product : Vim -- Vi IMproved Versions : 3.0--current, possibly older Impact : Arbitrary code execution Wherefrom: Local Original : http://www.rdancer.org/vulnerablevim-K.html Insufficient sanitization can lead to Vim executing...
Vim 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities
Vim 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities source: https://www.securityfocus.com/bid/30795/info Vim is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting...
Vim 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities
source: https://www.securityfocus.com/bid/30795/info Vim is prone to multiple command-execution vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues can allow an attacker to execute arbitrary commands with the privileges o...
Vim: Netrw: FTP User Name and Password Disclosure
Vim: Netrw: FTP User Name and Password Disclosure 1. SUMMARY Product : Vim -- Vi IMproved Versions : Tested with Vim 7.1.266, 7.2, autoload/netrw.vim v131, v109 Impact : Credentials disclosure Wherefrom: Remote Original : http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html The Vim Net...
vim-ftp.txt
Vim: Netrw: FTP User Name and Password Disclosure 1. SUMMARY Product : Vim -- Vi IMproved Versions : Tested with Vim 7.1.266, 7.2, autoload/netrw.vim v131, v109 Impact : Credentials disclosure Wherefrom: Remote Original : http://www.rdancer.org/vulnerablevim-netrw-credentials-dis.html The Vim Net...
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives
Vim 7.2c.002 Fixes Arbitrary Command Execution when Handling Tar Archives 1. SUMMARY Product : Vim -- Vi IMproved Version : Vim = 7.0 possibly older, fixed in 7.2c.002 autoload/tar.vim version = 9 possibly older Impact : Arbitrary code execution Wherefrom: Local, remote Original :...
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20
Vim: Unfixed Vulnerabilities in Tar Plugin Version 20 1. SUMMARY Product : Vim -- Vi IMproved Version : Vim = 7.0 possibly older, present in 7.2c.002 autoload/tar.vim = 9 possibly older, present in version 20 Impact : Arbitrary code execution Wherefrom: Local, remote CVE : CVE-2008-2712 Original ...
vim6 -- heap-based overflow while parsing shell metacharacters
Description for CVE-2008-3432 says: Heap-based buffer overflow in the mchexpandwildcards function in osunix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case...
[slackware-security] vim
New vim packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. More details about this issue may be found here: http://www.rdancer.org/vulnerablevim.html Here are the details from the Slackware 12.1 ChangeLog: patches/packages/vim-7.1.330-i486-1slack12.1.tgz:...
Slackware 11.0 / 12.0 / 12.1 / current : vim (SSA:2008-210-10)
New vim packages are available for Slackware 11.0, 12.0, 12.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2008-210-10. The text itself is copyright...
CVE-2008-3294
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it...
Code injection
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it...
CVE-2008-3294
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it...
CVE-2008-3294
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it...