Page 2 of 8 results (0.005 seconds)

CVSS: 4.6EPSS: 0%CPEs: 11EXPL: 0

CVE-2002-1377

https://notcve.org/view.php?id=CVE-2002-1377

vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. vim 6.0 y 6.1 y posiblemente otras versiones, permite a atacantes ejecutar comandos arbitrarios usando la característica libcall en lineas de modo, que no son apantalladas si no que pueden ser ejecutadas cuando vim es usado como editor para otros productos como mutt. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812 http://lists.grok.org.uk/pipermail/full-disclosure/2002-December/002948.html http://marc.info/?l=bugtraq&m=108077992208690&w=2 http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55700 http://www.guninski.com/vim1.html http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:012 http://www.redhat.com/support/errata/RHSA-2002-297.html http://www.redhat.com/support/errata/RHSA-2002-302.html http: •

CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2001-0408

https://notcve.org/view.php?id=CVE-2001-0408

vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes. • http://marc.info/?l=bugtraq&m=98593106111968&w=2 http://www.calderasystems.com/support/security/advisories/CSSA-2001-014.0.txt http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-035.php3 http://www.novell.com/linux/security/advisories/2001_012_vim.html http://www.redhat.com/support/errata/RHSA-2001-008.html http://www.securityfocus.com/bid/2510 https://exchange.xforce.ibmcloud.com/vulnerabilities/6259 •

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1

CVE-2001-0409 – Vim 5.x - Swap File Race Condition

https://notcve.org/view.php?id=CVE-2001-0409

vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory. • https://www.exploit-db.com/exploits/20967 http://www.calderasystems.com/support/security/advisories/CSSA-2001-014.0.txt http://www.novell.com/linux/security/advisories/2001_012_vim.html https://exchange.xforce.ibmcloud.com/vulnerabilities/6628 •