Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.9
CVE Id: CVE-2009-0316
Last Modified: 01 Apr 2010 12:00:00
Published: 28 Jan 2009 06:30:00
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE

Summary

Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.

Vulnerable Systems

Application

  • Vim 1.0
  • Vim 1.22
  • Vim 3.0
  • Vim 4.0
  • Vim 5.0
  • Vim 5.1
  • Vim 5.2
  • Vim 5.3
  • Vim 5.4
  • Vim 5.5
  • Vim 5.6
  • Vim 5.7
  • Vim 5.8
  • Vim 6.0
  • Vim 6.1
  • Vim 6.2
  • Vim 6.3
  • Vim 6.4
  • Vim 7.0
  • Vim 7.1
  • Vim 7.2
References

CONFIRM - https://svn.pardus.org.tr/pardus/2008/applications/editors/vim/files/official/7.2.045

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=481565

XF - vim-pysyssetargv-privilege-escalation(48275)

BID - 33447

MLIST - [oss-security] 20090126 CVE request -- Python < 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)

MLIST - [debian-bugs-rc] 20080805 Bug#484305: bicyclerepair: bike.vim imports untrusted python files from cwd

MANDRIVA - MDVSA-2009:047

CONFIRM - http://support.apple.com/kb/HT4077

APPLE - APPLE-SA-2010-03-29-1

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493937

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305


Last Updated: 27 May 2016 10:50:12