Page 41 of 210 results (0.027 seconds)

CVSS: 3.7EPSS: 0%CPEs: 16EXPL: 0

src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure. El archivo src/configure.in en Vim versiones 5.0 hasta 7.1, cuando es usado para una compilación con soporte de Python, no garantiza que el archivo temporal Makefile-conf tenga la propiedad y los permisos previstos, lo que permite a usuarios locales ejecutar código arbitrario mediante la modificación de este archivo durante una ventana de tiempo o creándolo de antemano con permisos que impiden su modificación al configurarlo. • http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://seclists.org/fulldisclosure/2008/Jul/0312.html http://secunia.com/advisories/31159 http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/archive/1/494532/100/0/threaded http://www.securityfocus.com/archive/1/494535/100/0/threaded http://www.securityfocus.com/archive/1/494736/100/0/threaded http://www.securityfocus.com/bid/31681 http://www.vupen& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 1

Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075. Vim 7.1.314, 6.4 y otras versiones, permiten a atacantes remotos asistidos por el usuario ejecutar comandos de su elección a través de secuencias de comandos Vim que cuyos inputs no son limpiados correctamente previa a la ejecución o las funciones del sistema como se ha demostrado con (1) filetype.vim, (2) zipplugin, (3) xpm.vim, (4) gzip_vim y (5) netrw. • https://www.exploit-db.com/exploits/31911 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html http://marc.info/?l=bugtraq&m=121494431426308&w=2 http://secunia.com/advisories/30731 http://secunia.com/advisories/32222 http://secunia.com/advisories/32858 http://secunia.com/advisories/32864 http://secunia.com/a • CWE-20: Improper Input Validation •

CVSS: 6.8EPSS: 33%CPEs: 4EXPL: 0

Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. Vulnerabilidad de cadena de formato en la función helptags_one de src/ex_cmds.c en Vim 6.4 y anteriores, y 7.x hasta 7.1, permite a atacantes remotos con la intervención del usuario ejecutar código de su elección mediante especificadores de cadena de formato en una etiqueta help-tags de un archivo de ayuda, relacionado con el comando helptags. • ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039 http://secunia.com/advisories/25941 http://secunia.com/advisories/26285 http://secunia.com/advisories/26522 http://secunia.com/advisories/26594 http://secunia.com/advisories/26653 http://secunia.com/advisories/26674 http://secunia.com/advisories/26822 http://secunia.com/advisories/32858 http://secunia.com/advisories/33410 http://secunia.com/secunia_research/2007-66/advisory http://support.avaya.com/elmodocs2/security/ •

CVSS: 7.6EPSS: 2%CPEs: 2EXPL: 1

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines. El sandbox para el vim permite funciones peligrosas como (1) writefile, (2) feedkeys, y (3) system, lo que permite a atacantes con la intervención del usuario la ejecución de comandos shell y escribir ficheros a través de modelines. • http://attrition.org/pipermail/vim/2007-May/001614.html http://marc.info/?l=vim-dev&m=117762581821298&w=2 http://marc.info/?l=vim-dev&m=117778983714029&w=2 http://osvdb.org/36250 http://secunia.com/advisories/25024 http://secunia.com/advisories/25159 http://secunia.com/advisories/25182 http://secunia.com/advisories/25255 http://secunia.com/advisories/25367 http://secunia.com/advisories/25432 http://secunia.com/advisories/26653 http://tech.groups.yahoo.com •

CVSS: 9.3EPSS: 0%CPEs: 6EXPL: 2

vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. vim 6.3 anterior a la 6.3.082, con "modelines" habilitado, permite que atacantes remotos con la implicación del usuario que ejecuten comandos arbitrarios mediante metacaracteres de shell en los comandos "glob" o "expand" de una expresión "foldexpr". • http://lists.grok.org.uk/pipermail/full-disclosure/2005-July/035402.html http://www.guninski.com/where_do_you_want_billg_to_go_today_5.html http://www.redhat.com/support/errata/RHSA-2005-745.html http://www.securityfocus.com/bid/14374 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11302 https://access.redhat.com/security/cve/CVE-2005-2368 https://bugzilla.redhat.com/show_bug.cgi?id=1617715 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •