CVE-2007-2438

Related Files

Debian Linux Security Advisory 1364-2

Posted Sep 20, 2007

Authored by Debian | Site debian.org

Debian Security Advisory 1364-2 - Several vulnerabilities have been discovered in the vim editor. Ulf Harnhammar discovered that a format string flaw in helptags_one() from src/ex_cmds.c (triggered through the "helptags" command) can lead to the execution of arbitrary code. Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim. This updated advisory repairs issues with missing files in the packages for the oldstable distribution (sarge) for the alpha, mips, and mipsel architectures.

tags | advisory, arbitrary, shell, vulnerability

systems | linux, debian

advisories | CVE-2007-2953, CVE-2007-2438

SHA-256 | c3785b66e8f5c4940f2f5cff8cbacf0010c2280153e65ca2f3c5312f02e34028

Download | Favorite | View

Debian Linux Security Advisory 1364-1

Posted Sep 5, 2007

Authored by Debian | Site debian.org

Debian Security Advisory 1364-1 - Several vulnerabilities have been discovered in the vim editor. Ulf Harnhammar discovered that a format string flaw in helptags_one() from src/ex_cmds.c (triggered through the "helptags" command) can lead to the execution of arbitrary code. Editors often provide a way to embed editor configuration commands (aka modelines) which are executed once a file is opened. Harmful commands are filtered by a sandbox mechanism. It was discovered that function calls to writefile(), feedkeys() and system() were not filtered, allowing shell command execution with a carefully crafted file opened in vim.

tags | advisory, arbitrary, shell, vulnerability

systems | linux, debian

advisories | CVE-2007-2953, CVE-2007-2438

SHA-256 | 568c5f44ec4fc3ee2bced8b7d5302fe9094997142525e4dbfc74de8974db733e

Download | Favorite | View

Ubuntu Security Notice 463-1

Posted May 23, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 463-1 - Tomas Golembiovsky discovered that some vim commands were accidentally allowed in modelines. By tricking a user into opening a specially crafted file in vim, an attacker could execute arbitrary code with user privileges.

tags | advisory, arbitrary

systems | linux, ubuntu

advisories | CVE-2007-2438

SHA-256 | 3fb2cb00293b9433bb7a314ad1133ece46c6ffedfee76a4d5aa89f878f586f2a

Download | Favorite | View

Mandriva Linux Security Advisory 2007.101

Posted May 11, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A vulnerability in vim 7.0's modeline processing capabilities was discovered where a user with modelines enabled could open a text file containing a carefully crafted modeline, executing arbitrary commands as the user running vim.

tags | advisory, arbitrary

systems | linux, mandriva

advisories | CVE-2007-2438

SHA-256 | 47d095c34a87489ebce6d5d79410de588957dfaacc3076c387a39116aeb7f7af

Download | Favorite | View