Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2009-0316
HistoryJan 28, 2009 - 11:30 a.m.

CVE-2009-0316

2009-01-2811:30:00
mitre
web.nvd.nist.gov
48
cve-2009-0316
untrusted search path
python interface
vim 7.2.045
arbitrary code execution
cve-2008-5983

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

23.5%

JSON

Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.

Affected configurations

Nvd
Node
vimvimRange≀7.2
OR
vimvimMatch1.0
OR
vimvimMatch1.22
OR
vimvimMatch3.0
OR
vimvimMatch4.0
OR
vimvimMatch5.0
OR
vimvimMatch5.1
OR
vimvimMatch5.2
OR
vimvimMatch5.3
OR
vimvimMatch5.4
OR
vimvimMatch5.5
OR
vimvimMatch5.6
OR
vimvimMatch5.7
OR
vimvimMatch5.8
OR
vimvimMatch6.0
OR
vimvimMatch6.1
OR
vimvimMatch6.2
OR
vimvimMatch6.3
OR
vimvimMatch6.4
OR
vimvimMatch7.0
OR
vimvimMatch7.1
VendorProductVersionCPE
vimvim*cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
vimvim1.0cpe:2.3:a:vim:vim:1.0:*:*:*:*:*:*:*
vimvim1.22cpe:2.3:a:vim:vim:1.22:*:*:*:*:*:*:*
vimvim3.0cpe:2.3:a:vim:vim:3.0:*:*:*:*:*:*:*
vimvim4.0cpe:2.3:a:vim:vim:4.0:*:*:*:*:*:*:*
vimvim5.0cpe:2.3:a:vim:vim:5.0:*:*:*:*:*:*:*
vimvim5.1cpe:2.3:a:vim:vim:5.1:*:*:*:*:*:*:*
vimvim5.2cpe:2.3:a:vim:vim:5.2:*:*:*:*:*:*:*
vimvim5.3cpe:2.3:a:vim:vim:5.3:*:*:*:*:*:*:*
vimvim5.4cpe:2.3:a:vim:vim:5.4:*:*:*:*:*:*:*
Rows per page:
1-10 of 211

Related

cvelist 10
prion 10
debiancve 9
ubuntucve 10
nvd 10
osv 1
openvas 36
seebug 2
securityvulns 3
nessus 23
cve 9
veracode 1
freebsd 1
gentoo 2
fedora 4
redhat 1
oraclelinux 2
ubuntu 4
threatpost 1
cvelist
cvelist
CVE-2009-0316
2009-01-28 11:00:00
CVE-2008-5983
2009-01-28 02:00:00
CVE-2008-5985
2009-01-28 11:00:00
prion
prion
Design/Logic Flaw
2009-01-28 11:30:00
Design/Logic Flaw
2009-01-28 02:30:00
Design/Logic Flaw
2009-01-28 11:30:00
debiancve
debiancve
CVE-2009-0316
2009-01-28 11:30:00
CVE-2009-0314
2009-01-28 11:30:00
CVE-2009-0317
2009-01-28 11:30:00
ubuntucve
ubuntucve
CVE-2009-0316
2009-01-28 00:00:00
CVE-2008-5983
2009-01-27 00:00:00
CVE-2008-5986
2009-01-28 00:00:00
nvd
nvd
CVE-2009-0316
2009-01-28 11:30:00
CVE-2008-5983
2009-01-28 02:30:00
CVE-2009-0314
2009-01-28 11:30:00
osv
osv
gvim-8.0.130-1.1 on GA media
2024-06-15 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:047-1 (vim)
2009-03-02 00:00:00
Mandrake Security Advisory MDVSA-2009:047-1 (vim)
2009-03-02 00:00:00
Mandrake Security Advisory MDVSA-2009:047 (vim)
2009-02-23 00:00:00
seebug
seebug
Vim PySys_SetArgvε‡½ζ•°ζœ¬εœ°ε‘½δ»€ζ‰§θ‘ŒζΌζ΄ž
2009-02-23 00:00:00
XChat PySys_SetArgvε‡½ζ•°ε‘½δ»€ζ‰§θ‘ŒζΌζ΄ž
2009-03-05 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:047 ] vim
2009-02-21 00:00:00
blender / gedit / gnumeric / vim / eog python scripts code execution
2009-04-07 00:00:00
[ GLSA 200904-06 ] Eye of GNOME: Untrusted search path
2009-04-07 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : vim (MDVSA-2009:047-1)
2009-04-23 00:00:00
RHEL 5 : vim (Unpatched Vulnerability)
2024-06-03 00:00:00
openSUSE 10 Security Update : gvim (gvim-6023)
2009-03-13 00:00:00
cve
cve
CVE-2008-5983
2009-01-28 02:30:00
CVE-2009-0318
2009-01-28 11:30:00
CVE-2008-5986
2009-01-28 11:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:53:08
freebsd
freebsd
epiphany -- untrusted search path vulnerability
2009-01-26 00:00:00
gentoo
gentoo
Eye of GNOME: Untrusted search path
2009-04-06 00:00:00
gedit: Untrusted search path
2009-03-30 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: gnumeric-1.8.2-6.fc10
2009-02-05 02:15:12
[SECURITY] Fedora 13 Update: python3-3.1.2-7.fc13
2010-09-04 04:58:36
[SECURITY] Fedora 12 Update: python-2.6.2-8.fc12
2010-07-05 22:05:10
redhat
redhat
(RHSA-2011:0027) Low: python security, bug fix, and enhancement update
2011-01-13 00:00:00
oraclelinux
oraclelinux
python security, bug fix, and enhancement update
2011-05-28 00:00:00
python security, bug fix, and enhancement update
2011-01-20 00:00:00
ubuntu
ubuntu
Python 3.1 vulnerabilities
2012-10-24 00:00:00
Python 2.6 vulnerabilities
2012-10-04 00:00:00
Python 2.4 vulnerabilities
2012-10-17 00:00:00
threatpost
threatpost
Apple Mega Patch Covers 88 Mac OS X Vulnerabilities
2010-03-29 17:15:44

CVSS2

6.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

23.5%

JSON
Related for CVE-2009-0316
cvelist10prion10debiancve9ubuntucve10nvd10osv1openvas36seebug2securityvulns3nessus23cve9veracode1freebsd1gentoo2fedora4redhat1oraclelinux2ubuntu4threatpost1