FreeBSD : vim6 -- heap-based overflow while parsing shell metacharacters (f866d2af-bbba-11df-8a8d-0008743bf21a)
Medium Nessus Plugin ID 49167
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionDescription for CVE-2008-3432 says :
Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
SolutionUpdate the affected packages.