vim sandbox protection bypass
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
vim sandbox protection bypass
Published:
12.05.2007
Source:
BUGTRAQ
SecurityVulns ID:
7697
Type:
local
Level:
5
/10
Description:
Potentially dangerous functions are allowed in modeline processing.
Affected:
VIM
:
vim 7.0
CVE:
CVE-2007-2438
(The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.)
Original document
MANDRIVA
,
[ MDKSA-2007:101 ] - Updated vim packages fix vulnerability
(
12.05.2007
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
