8172 matches found
DEBIAN-CVE-2004-1138
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...
CVE-2004-1138
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...
CVE-2004-1138
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...
Mandrake Linux Security Advisory : vim (MDKSA-2005:003)
Several 'modeline'-related vulnerabilities were discovered in Vim by Ciaran McCreesh. The updated packages have been patched with Bram Moolenaar's vim 6.3.045 patch which fixes the reported vulnerabilities and adds more conservative 'modeline' rights. %NASLMINLEVEL 70300 C Tenable Network Securit...
RHEL 2.1 / 3 : vim (RHSA-2005:010)
Updated vim packages that fix a modeline vulnerability are now available. VIM Vi IMproved is an updated and improved version of the vi screen-based editor. Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially...
Low: Red Hat Security Advisory: vim security update
Updated vim packages that fix a modeline vulnerability are now available. VIM Vi IMproved is an updated and improved version of the vi screen-based editor. Ciaran McCreesh discovered a modeline vulnerability in VIM. It is possible that a malicious user could create a file containing a specially...
security flaw
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...
USN-52-1: vim vulnerability
Ciaran McCreesh found several vulnerabilities related to the use of options in Vim modeline commands, such as 'termcap', 'printdevice', 'titleold', 'filetype', 'syntax', 'backupext', 'keymap', 'patchmode', and 'langmenu'. If an attacker tricked an user to open a file with a specially crafted...
CVE-2004-1138
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...
CVE-2004-1138
CVE-2004-1138 affects Vim and GVim up to version 6.3. A crafted modeline can be executed when a file is viewed with certain options (termcap, printdevice, titleold, filetype, syntax, backupext, keymap, patchmode, langmenu), enabling local command execution with the user’s privileges. Mitigations/...
CVE-2004-1138
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as 1 termcap, 2 printdevice, 3 titleold, 4 filetype, 5 syntax, 6 backupext, 7 keymap, 8 patchmode, or 9 langmenu...
vim privilege escalation
Icorrect modelines options handling...
[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines
Gentoo Linux Security Advisory GLSA 200412-10 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
Vim, gVim: Vulnerable options in modelines
Background Vim is an efficient, highly configurable improved version of the classic 'vi' text editor. gVim is the GUI version of Vim. Description Gentoo's Vim maintainer, Ciaran McCreesh, found several vulnerabilities related to the use of options in Vim modelines. Options like 'termcap',...
GLSA-200412-10 : Vim, gVim: Vulnerable options in modelines
The remote host is affected by the vulnerability described in GLSA-200412-10 Vim, gVim: Vulnerable options in modelines Gentoo's Vim maintainer, Ciaran McCreesh, found several vulnerabilities related to the use of options in Vim modelines. Options like 'termcap', 'printdevice', 'titleold',...
CVE-2002-1377
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt...
CVE-2002-1377
CVE-2002-1377 affects Vim 6.0 and 6.1 (and possibly other versions) and is caused by the libcall feature in modelines not being sandboxed, enabling arbitrary command execution when a malicious file is edited (e.g., via mutt). The vulnerability is triggered locally when Opened files contain crafte...
CVE-2002-1377
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt...
Mandrake Linux Security Advisory : vim (MDKSA-2003:012)
A vulnerability was discovered in vim by Georgi Guninski that allows arbitrary command execution using the libcall feature found in modelines. A patch to fix this problem was introduced in vim 6.1 patchlevel 265. This patch has been applied to the provided update packages. %NASLMINLEVEL 70300 C...
RHEL 2.1 : vim (RHSA-2002:302)
Updated VIM packages are available for Red Hat Linux Advanced Server. These updates resolve a security issue when opening a specially crafted text file. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1 VIM VIsual editor iMproved is a version of the vi editor. VIM allows a use...