CVSS: 9.1EPSS: 0%CPEs: 18EXPL: 0CVE-2008-4677
https://notcve.org/view.php?id=CVE-2008-4677
22 Oct 2008 — autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts, which allows remote FTP servers to obtain sensitive information in opportunistic circumstances by logging usernames and passwords. NOTE: the upstream vendor disputes a vector involving different ports on the same host, stating "I'm a... • http://groups.google.com/group/vim_dev/browse_thread/thread/2f6fad581a037971/a5fcf4c4981d34e6?show_docid=a5fcf4c4981d34e6 • CWE-255: Credentials Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2008-3432 – Vim - 'mch_expand_wildcards()' Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-3432
10 Oct 2008 — Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case. Desbordamiento de búfer basado en pila en la función mch_expand_wildcard en os_unix.c en Vim v6.2 y v6.3 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante metacaracteres del interprete de comandos en el nombre de los ficheros, como se ... • https://www.exploit-db.com/exploits/32225 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 9.8EPSS: 0%CPEs: 19EXPL: 3CVE-2008-4101 – Vim 7.1.314 - Insufficient Shell Escaping Multiple Command Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-4101
18 Sep 2008 — Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712. Vim 3.0 hasta 7.x anterior a 7.2.010, no escapa los caracteres de fo... • https://www.exploit-db.com/exploits/32289 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2008-3294
https://notcve.org/view.php?id=CVE-2008-3294
24 Jul 2008 — src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure. El archivo src/configure.in en Vim versiones 5.0 hasta 7.1, cuando es usado para una compilación con soporte de Python, no garantiza que el a... • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 1CVE-2008-2712 – Vim 7.x - Vim Script Multiple Command Execution Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-2712
16 Jun 2008 — Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075. Vim ... • https://www.exploit-db.com/exploits/31911 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 21%CPEs: 4EXPL: 0CVE-2007-2953 – vim format string flaw
https://notcve.org/view.php?id=CVE-2007-2953
31 Jul 2007 — Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. Vulnerabilidad de cadena de formato en la función helptags_one de src/ex_cmds.c en Vim 6.4 y anteriores, y 7.x hasta 7.1, permite a atacantes remotos con la intervención del usuario ejecutar código de su elección mediante especificado... • ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039 •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 1CVE-2007-2438 – vim-7 modeline security issue
https://notcve.org/view.php?id=CVE-2007-2438
02 May 2007 — The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. El sandbox para el vim permite funciones peligrosas como (1) writefile, (2) feedkeys, y (3) system, lo que permite a atacantes con la intervención del usuario la ejecución de comandos shell y escribir ficheros a través de modelines. • http://attrition.org/pipermail/vim/2007-May/001614.html •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 2CVE-2005-2368
https://notcve.org/view.php?id=CVE-2005-2368
26 Jul 2005 — vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. vim 6.3 anterior a la 6.3.082, con "modelines" habilitado, permite que atacantes remotos con la implicación del usuario que ejecuten comandos arbitrarios mediante metacaracteres de shell en los comandos "glob" o "expand" de una expresión "foldexpr". • http://lists.grok.org.uk/pipermail/full-disclosure/2005-July/035402.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-0069
https://notcve.org/view.php?id=CVE-2005-0069
13 Jan 2005 — The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files. • http://marc.info/?l=bugtraq&m=110608387001863&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2004-1138
https://notcve.org/view.php?id=CVE-2004-1138
22 Dec 2004 — VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu. • http://marc.info/?l=bugtraq&m=110313588125609&w=2 •