CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 2CVE-2005-2368
https://notcve.org/view.php?id=CVE-2005-2368
26 Jul 2005 — vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. vim 6.3 anterior a la 6.3.082, con "modelines" habilitado, permite que atacantes remotos con la implicación del usuario que ejecuten comandos arbitrarios mediante metacaracteres de shell en los comandos "glob" o "expand" de una expresión "foldexpr". • http://lists.grok.org.uk/pipermail/full-disclosure/2005-July/035402.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2005-0069
https://notcve.org/view.php?id=CVE-2005-0069
13 Jan 2005 — The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink attack on temporary files. • http://marc.info/?l=bugtraq&m=110608387001863&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2004-1138
https://notcve.org/view.php?id=CVE-2004-1138
22 Dec 2004 — VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu. • http://marc.info/?l=bugtraq&m=110313588125609&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2002-1377
https://notcve.org/view.php?id=CVE-2002-1377
23 Dec 2002 — vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt. vim 6.0 y 6.1 y posiblemente otras versiones, permite a atacantes ejecutar comandos arbitrarios usando la característica libcall en lineas de modo, que no son apantalladas si no que pueden ser ejecutadas cuando vim es usado como editor para otros productos como mu... • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812 •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0408
https://notcve.org/view.php?id=CVE-2001-0408
18 Jun 2001 — vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes. • http://marc.info/?l=bugtraq&m=98593106111968&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2001-0409 – Vim 5.x - Swap File Race Condition
https://notcve.org/view.php?id=CVE-2001-0409
18 Jun 2001 — vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory. • https://www.exploit-db.com/exploits/20967 •