USN-52-1: vim vulnerability

🗓️ 23 Dec 2004 22:54:06Reported by UbuntuType

ubuntu

ubuntu🔗 ubuntu.com👁 38 Views

Vim modeline vulnerabilities allow attackers to execute commands with user privileges on Ubuntu 4.10.

Reporter	Title	Published	Views	Family All 28
FreeBSD	vim -- vulnerabilities in modeline handling	9 Dec 200400:00	–	freebsd
CVE	CVE-2004-1138	22 Dec 200405:00	–	cve
Cvelist	CVE-2004-1138	22 Dec 200405:00	–	cvelist
Debian CVE	CVE-2004-1138	22 Dec 200405:00	–	debiancve
EUVD	EUVD-2004-1136	7 Oct 202500:30	–	euvd
Tenable Nessus	FreeBSD : vim -- vulnerabilities in modeline handling (bd9fc2bf-5ffe-11d9-a11a-000a95bc6fae)	13 Jul 200500:00	–	nessus
Tenable Nessus	GLSA-200412-10 : Vim, gVim: Vulnerable options in modelines	15 Dec 200400:00	–	nessus
Tenable Nessus	Mandrake Linux Security Advisory : vim (MDKSA-2005:003)	7 Jan 200500:00	–	nessus
Tenable Nessus	RHEL 2.1 / 3 : vim (RHSA-2005:010)	6 Jan 200500:00	–	nessus
Tenable Nessus	RHEL 4 : vim (RHSA-2005:036)	22 Feb 200500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	4.10	any	kvim	0	kvim_any_any.deb
Ubuntu	4.10	any	vim	0	vim_any_any.deb
Ubuntu	4.10	any	vim-gnome	0	vim-gnome_any_any.deb
Ubuntu	4.10	any	vim-gtk	0	vim-gtk_any_any.deb
Ubuntu	4.10	any	vim-lesstif	0	vim-lesstif_any_any.deb
Ubuntu	4.10	any	vim-perl	0	vim-perl_any_any.deb
Ubuntu	4.10	any	vim-python	0	vim-python_any_any.deb
Ubuntu	4.10	any	vim-tcl	0	vim-tcl_any_any.deb

23 Dec 2004 22:54Current

5.7Medium risk

Vulners AI Score5.7

CVSS 27.2

EPSS0.00067

vim vulnerability modeline commands ubuntu 4.10 execute commands user privileges ciaran mccreesh unix.