Page 38 of 201 results (0.020 seconds)

CVSS: 6.9EPSS: 0%CPEs: 21EXPL: 0

CVE-2009-0316

https://notcve.org/view.php?id=CVE-2009-0316

Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. Una vulnerabilidad de ruta de búsqueda no confiable en el archivo src/if_python.c en la interfaz de Python en Vim en versiones anteriores a 7.2.045, permite a los usuarios locales ejecutar código arbitrario por medio de un archivo Python de tipo caballo de Troya en el directorio de trabajo actual, relacionado con una vulnerabilidad en la función PySys_SetArgv (CVE- 2008-5983), como es demostrado por una ruta de búsqueda errónea para el archivo plugin/bike.vim en bicyclerepair. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493937 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 http://www.mandriva.com/security/advisories?name=MDVSA-2009:047 http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html http://www.openwall.com/lists/oss-security/2009/01/26/2 http://www.securityf •

CVSS: 9.3EPSS: 0%CPEs: 17EXPL: 2

CVE-2008-3075 – plugin: improper Implementation of shellescape() (arbitrary code execution)

https://notcve.org/view.php?id=CVE-2008-3075

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive, which is not properly handled by zip.vim in the VIM ZIP plugin (zipPlugin.vim) v.11 through v.21, as demonstrated by the zipplugin and zipplugin.v2 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3074. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=121494431426308&w=2 http://secunia.com/advisories/34418 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324 http://www.mandriva.com/security/advisories?name=MDVSA-2008:236 http://www.openwall.com/lists/oss-security/2008/07/07/1 http://www.openwall.com/lists/oss-security/2008/07/07/4 http://www.openwall. • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 2

CVE-2008-3074 – plugin: improper Implementation of shellescape() (arbitrary code execution)

https://notcve.org/view.php?id=CVE-2008-3074

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=121494431426308&w=2 http://secunia.com/advisories/34418 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324 http://www.mandriva.com/security/advisories?name=MDVSA-2008:236 http://www.openwall.com/lists/oss-security/2008/07/07/1 http://www.openwall.com/lists/oss-security/2008/07/07/4 http://www.openwall. • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 4.3EPSS: 0%CPEs: 18EXPL: 0

CVE-2008-4677

https://notcve.org/view.php?id=CVE-2008-4677

autoload/netrw.vim (aka the Netrw Plugin) 109, 131, and other versions before 133k for Vim 7.1.266, other 7.1 versions, and 7.2 stores credentials for an FTP session, and sends those credentials when attempting to establish subsequent FTP sessions to servers on different hosts, which allows remote FTP servers to obtain sensitive information in opportunistic circumstances by logging usernames and passwords. NOTE: the upstream vendor disputes a vector involving different ports on the same host, stating "I'm assuming that they're using the same id and password on that unchanged hostname, deliberately." autoload/netrw.vim (también conocido como Netrw Plugin) v109, v131, y versiones anteriores a v133k para Vim v7.1.266, otras versiones v7.1 , y v7.2, guardan las credenciales de las sesiones FTP y envían estos datos al intentar establecer sesiones FTP posteriores a los servidores en diferentes host, lo que permite a los servidores FTP obtener información sensible en circunstancias oportunas mediante la validación con nombres de usuario y contraseñas. NOTA: el fabricante cuestiona un vector involucrando a distintos puertos en un mismo host afirmando que "Asumimos que están usando el mismo id y contraseña sobre el mismo servidor de manera intencionada". • http://groups.google.com/group/vim_dev/browse_thread/thread/2f6fad581a037971/a5fcf4c4981d34e6?show_docid=a5fcf4c4981d34e6 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://secunia.com/advisories/31464 http://secunia.com/advisories/34418 http://www.mandriva.com/security/advisories?name=MDVSA-2008:236 http://www.openwall.com/lists/oss-security/2008/10/06/4 http://www.openwall.com/lists/oss-security/2008/10/16/2 http://www.openwall.com/lists/oss-security/20 • CWE-255: Credentials Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2008-3432 – Vim - 'mch_expand_wildcards()' Heap Buffer Overflow

https://notcve.org/view.php?id=CVE-2008-3432

Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case. Desbordamiento de búfer basado en pila en la función mch_expand_wildcard en os_unix.c en Vim v6.2 y v6.3 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante metacaracteres del interprete de comandos en el nombre de los ficheros, como se ha demostrado por el caso de prueba netrw.v3. • https://www.exploit-db.com/exploits/32225 ftp://ftp.vim.org/pub/vim/patches/6.2.429 ftp://ftp.vim.org/pub/vim/patches/6.3/6.3.059 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://secunia.com/advisories/32858 http://secunia.com/advisories/33410 http://support.apple.com/kb/HT3216 http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm http://www.openwall.com/lists/oss-security/2008 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •