Page 39 of 209 results (0.020 seconds)

CVSS: 7.8EPSS: 81%CPEs: 2EXPL: 0

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. vim en versiones anteriores a patch 8.0.0056 no valida correctamente los valores para las opciones 'filetype', 'syntax' y 'keymap', lo que puede resulta en la ejecución de código arbitrario si se abre un archivo con una línea de modo especialmente manipulada. A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. • http://openwall.com/lists/oss-security/2016/11/22/20 http://rhn.redhat.com/errata/RHSA-2016-2972.html http://www.debian.org/security/2016/dsa-3722 http://www.securityfocus.com/bid/94478 http://www.securitytracker.com/id/1037338 http://www.ubuntu.com/usn/USN-3139-1 https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040 https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a& • CWE-20: Improper Input Validation CWE-138: Improper Neutralization of Special Elements •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 3

The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute arbitrary commands via shell metacharacters in a filename used by the (1) "D" (delete) command or (2) b:netrw_curdir variable, as demonstrated using the netrw.v4 and netrw.v5 test cases. El plugin Netrw (netrw.vim) en Vim v7.0 y v7.1 permite a atacantes asistidos por el usuario ejecutar comandos de su elección a través de metacaracteres de línea de comandos en un fichero utilizado por (1) comando "D" (borrar) o (2) variable b:netrw_curdir, como ha sido demostrado utilizando los casos de prueba netrw.v4 y netrw.v5. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://secunia.com/advisories/34418 http://www.openwall.com/lists/oss-security/2008/10/16/2 http://www.openwall.com/lists/oss-security/2008/10/20/2 http://www.rdancer.org/vulnerablevim-netrw.html http://www.rdancer.org/vulnerablevim-netrw.v2.html http://www.rdancer.org/vulnerablevim-netrw.v5.html http://www.redhat.com/support/errata/RHSA-2008-0580.html https://oval.cisecurity.org/repository/search/ • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 6.9EPSS: 0%CPEs: 21EXPL: 0

Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. Una vulnerabilidad de ruta de búsqueda no confiable en el archivo src/if_python.c en la interfaz de Python en Vim en versiones anteriores a 7.2.045, permite a los usuarios locales ejecutar código arbitrario por medio de un archivo Python de tipo caballo de Troya en el directorio de trabajo actual, relacionado con una vulnerabilidad en la función PySys_SetArgv (CVE- 2008-5983), como es demostrado por una ruta de búsqueda errónea para el archivo plugin/bike.vim en bicyclerepair. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493937 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://support.apple.com/kb/HT4077 http://www.mandriva.com/security/advisories?name=MDVSA-2009:047 http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html http://www.openwall.com/lists/oss-security/2009/01/26/2 http://www.securityf •

CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 7

The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. El plugin Netrw 125 en netrw.vim en Vim 7.2a.10 permite a atacantes asistidos por el usuario ejecutar comandos de su elección a través de metacaracteres de línea de comandos en utilizados para ejecutar funciones de sistema dentro de los comandos (1) mz y (2) mc, como se demostro en los casos de prueba netrw.v2 y netrw.v3. NOTA: Esta informacion existe por el arreglo incompleto de CVE-2008-2712. • https://www.exploit-db.com/exploits/32012 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=121494431426308&w=2 http://marc.info/?l=oss-security&m=122416184431388&w=2 http://secunia.com/advisories/34418 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324 http://www.mandriva.com/security/advisories?name=MDVSA-2008:236 http://www.openwall.com/lists/oss-security • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 2

The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=121494431426308&w=2 http://secunia.com/advisories/34418 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324 http://www.mandriva.com/security/advisories?name=MDVSA-2008:236 http://www.openwall.com/lists/oss-security/2008/07/07/1 http://www.openwall.com/lists/oss-security/2008/07/07/4 http://www.openwall. • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •