CVE-2007-2438

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.

References

http://attrition.org/pipermail/vim/2007-May/001614.html

http://marc.info/?l=vim-dev&m=117762581821298&w=2

http://marc.info/?l=vim-dev&m=117778983714029&w=2

http://osvdb.org/36250

http://secunia.com/advisories/25024

http://secunia.com/advisories/25159

http://secunia.com/advisories/25182

http://secunia.com/advisories/25255

http://secunia.com/advisories/25367

http://secunia.com/advisories/25432

http://secunia.com/advisories/26653

http://tech.groups.yahoo.com/group/vimannounce/message/178

http://tech.groups.yahoo.com/group/vimdev/message/46627

http://tech.groups.yahoo.com/group/vimdev/message/46645

http://tech.groups.yahoo.com/group/vimdev/message/46658

http://www.attrition.org/pipermail/vim/2007-August/001770.html

http://www.debian.org/security/2007/dsa-1364

http://www.mandriva.com/security/advisories?name=MDKSA-2007:101

http://www.novell.com/linux/security/advisories/2007_12_sr.html

http://www.redhat.com/support/errata/RHSA-2007-0346.html

http://www.securityfocus.com/archive/1/467202/100/0/threaded

http://www.securityfocus.com/bid/23725

http://www.securitytracker.com/id?1018035

http://www.trustix.org/errata/2007/0017/

http://www.ubuntu.com/usn/usn-463-1

http://www.vim.org/news/news.php

http://www.vupen.com/english/advisories/2007/1599

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238259

https://exchange.xforce.ibmcloud.com/vulnerabilities/34012

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9876

Details

Source: MITRE

Published: 2007-05-02

Updated: 2018-10-16

Risk Information

CVSS v2

Base Score: 7.6

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 4.9

Severity: HIGH

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
67494Oracle Linux 5 : vim (ELSA-2007-0346)NessusOracle Linux Local Security Checks
high
28063Ubuntu 6.10 / 7.04 : vim vulnerability (USN-463-1)NessusUbuntu Local Security Checks
high
27474openSUSE 10 Security Update : vim (vim-3410)NessusSuSE Local Security Checks
high
25964Debian DSA-1364-2 : vim - several vulnerabilitiesNessusDebian Local Security Checks
high
25332RHEL 5 : vim (RHSA-2007:0346)NessusRed Hat Local Security Checks
high
25205CentOS 5 : vim (CESA-2007:0346)NessusCentOS Local Security Checks
high
25191Mandrake Linux Security Advisory : vim (MDKSA-2007:101)NessusMandriva Local Security Checks
high