9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.006 Low
EPSS
Percentile
78.1%
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows
user-assisted attackers to execute arbitrary code via the β!β (exclamation
point) shell metacharacter in (1) the filename of a tar archive and
possibly (2) the filename of the first file in a tar archive, which is not
properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as
demonstrated by the shellescape, tarplugin.v2, tarplugin, and
tarplugin.updated test cases. NOTE: this issue reportedly exists because
of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root
cause as CVE-2008-3075. NOTE: due to the complexity of the associated
disclosures and the incomplete information related to them, there may be
inaccuracies in this CVE description and in external mappings to this
identifier.
Author | Note |
---|---|
mdeslaur | This was patched in vim from usn-712-1 |