QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2007-2438

Back to search

CVE-2007-2438

Published: May 2, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.

VendorProductVersions

n/a

n/a

affected
n/a

References

25024
third-party-advisory
x_refsource_SECUNIA
25159
third-party-advisory
x_refsource_SECUNIA
1018035
vdb-entry
x_refsource_SECTRACK
USN-463-1
vendor-advisory
x_refsource_UBUNTU
ADV-2007-1599
vdb-entry
x_refsource_VUPEN
25182
third-party-advisory
x_refsource_SECUNIA
2007-0017
vendor-advisory
x_refsource_TRUSTIX
SUSE-SR:2007:012
vendor-advisory
x_refsource_SUSE
RHSA-2007:0346
vendor-advisory
x_refsource_REDHAT
DSA-1364
vendor-advisory
x_refsource_DEBIAN
26653
third-party-advisory
x_refsource_SECUNIA
20070513 OMG VIM VULN
mailing-list
x_refsource_VIM
23725
vdb-entry
x_refsource_BID
20070430 FLEA-2007-0014-1: vim
mailing-list
x_refsource_BUGTRAQ
25255
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:9876
vdb-entry
signature
x_refsource_OVAL
MDKSA-2007:101
vendor-advisory
x_refsource_MANDRIVA
25432
third-party-advisory
x_refsource_SECUNIA
25367
third-party-advisory
x_refsource_SECUNIA
36250
vdb-entry
x_refsource_OSVDB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now