Computer Security
[EN] securityvulns.ru no-pyccku


vim sandbox protection bypass
Published:12.05.2007
Source:
SecurityVulns ID:7697
Type:local
Threat Level:
5/10
Description:Potentially dangerous functions are allowed in modeline processing.
Affected:VIM : vim 7.0
CVE:CVE-2007-2438 (The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.)
Original documentdocumentMANDRIVA, [ MDKSA-2007:101 ] - Updated vim packages fix vulnerability (12.05.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod