Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2368

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2005-2368
Last Modified 18 Oct 2010 12:00:00
Published 26 Jul 2005 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2005-2368

Summary

vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.

Vulnerable Systems

Application

  • Vim Development Group Vim 6.3

  • Vim Development Group Vim 6.3.011

  • Vim Development Group Vim 6.3.025

  • Vim Development Group Vim 6.3.030

  • Vim Development Group Vim 6.3.044

  • Vim Development Group Vim 6.3.081


References

MISC - http://www.guninski.com/where_do_you_want_billg_to_go_today_5.html

FULLDISC - 20050725 Help poor children in Uganda

BID - 14374

REDHAT - RHSA-2005:745


Last Updated: 27 May 2016 10:40:30