Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2008-4101
Description:Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
Test IDs: 1.3.6.1.4.1.25623.1.0.63500   1.3.6.1.4.1.25623.1.0.122541  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2008-4101
http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 30795
http://www.securityfocus.com/bid/30795
BugTraq ID: 31681
http://www.securityfocus.com/bid/31681
Bugtraq: 20080822 Vim: Arbitrary Code Execution in Commands: K, Control-], g] (Google Search)
http://www.securityfocus.com/archive/1/495662
Bugtraq: 20080825 RE: Arbitrary Code Execution in Commands: K, Control-], g] (Google Search)
http://www.securityfocus.com/archive/1/495703
Bugtraq: 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim (Google Search)
http://www.securityfocus.com/archive/1/502322/100/0/threaded
http://www.mandriva.com/security/advisories?name=MDVSA-2008:236
http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2
http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2
http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e
http://www.rdancer.org/vulnerablevim-K.html
http://www.openwall.com/lists/oss-security/2008/09/11/4
http://www.openwall.com/lists/oss-security/2008/09/11/3
http://www.openwall.com/lists/oss-security/2008/09/16/5
http://www.openwall.com/lists/oss-security/2008/09/16/6
http://ftp.vim.org/pub/vim/patches/7.2/7.2.010
http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812
RedHat Security Advisories: RHSA-2008:0580
http://www.redhat.com/support/errata/RHSA-2008-0580.html
RedHat Security Advisories: RHSA-2008:0617
http://www.redhat.com/support/errata/RHSA-2008-0617.html
RedHat Security Advisories: RHSA-2008:0618
http://www.redhat.com/support/errata/RHSA-2008-0618.html
http://secunia.com/advisories/31592
http://secunia.com/advisories/32222
http://secunia.com/advisories/32858
http://secunia.com/advisories/32864
http://secunia.com/advisories/33410
http://www.ubuntu.com/usn/USN-712-1
http://www.vupen.com/english/advisories/2008/2780
http://www.vupen.com/english/advisories/2009/0033
http://www.vupen.com/english/advisories/2009/0904
XForce ISS Database: vim-normal-command-execution(44626)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44626




© 1998-2024 E-Soft Inc. All rights reserved.