Back to search
CVE-2017-1000382
Published: Oct 31, 2017
Modified: Aug 5, 2024
PUBLISHED
Description
VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://security.cucumberlinux.com/security/details.php?id=120
x_refsource_CONFIRM
[oss-security] 20171031 Fw: Security risk of vim swap files
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now