Page 39 of 192 results (0.006 seconds)

CVSS: 6.8EPSS: 33%CPEs: 4EXPL: 0

Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. Vulnerabilidad de cadena de formato en la función helptags_one de src/ex_cmds.c en Vim 6.4 y anteriores, y 7.x hasta 7.1, permite a atacantes remotos con la intervención del usuario ejecutar código de su elección mediante especificadores de cadena de formato en una etiqueta help-tags de un archivo de ayuda, relacionado con el comando helptags. • ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039 http://secunia.com/advisories/25941 http://secunia.com/advisories/26285 http://secunia.com/advisories/26522 http://secunia.com/advisories/26594 http://secunia.com/advisories/26653 http://secunia.com/advisories/26674 http://secunia.com/advisories/26822 http://secunia.com/advisories/32858 http://secunia.com/advisories/33410 http://secunia.com/secunia_research/2007-66/advisory http://support.avaya.com/elmodocs2/security/ •

CVSS: 7.6EPSS: 2%CPEs: 2EXPL: 1

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. El sandbox para el vim permite funciones peligrosas como (1) writefile, (2) feedkeys, y (3) system, lo que permite a atacantes con la intervención del usuario la ejecución de comandos shell y escribir ficheros a través de modelines. • http://attrition.org/pipermail/vim/2007-May/001614.html http://marc.info/?l=vim-dev&m=117762581821298&w=2 http://marc.info/?l=vim-dev&m=117778983714029&w=2 http://osvdb.org/36250 http://secunia.com/advisories/25024 http://secunia.com/advisories/25159 http://secunia.com/advisories/25182 http://secunia.com/advisories/25255 http://secunia.com/advisories/25367 http://secunia.com/advisories/25432 http://secunia.com/advisories/26653 http://tech.groups.yahoo.com •