Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:2059
HistoryAug 01, 2007 - 12:00 a.m.

Vim HelpTags命令远程格式串处理漏洞

2007-08-0100:00:00
Root
www.seebug.org
17

EPSS

0.331

Percentile

97.1%

JSON

BUGTRAQ ID: 25095
CVE(CAN) ID: CVE-2007-2953

VIM是一款免费开放源代码文本编辑器,可使用在Unix/Linux操作系统下。

VIM的src/ex_cmds.c文件中的helptags_one()函数存在格式串处理漏洞,本地攻击者可能利用此漏洞提升自己的权限。

如果攻击者受骗对恶意数据运行了helptags命令的话,攻击者就可以通过特制的帮助文件执行任意代码。

VIM Development Group VIM 7.1
VIM Development Group VIM 6.4

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039” target=“_blank”>ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039</a>

Related

nessus 17
openvas 25
veracode 1
cve 1
freebsd 1
ubuntu 1
ubuntucve 1
prion 1
cvelist 1
nvd 1
debiancve 1
osv 2
debian 2
centos 2
oraclelinux 2
redhat 2
vmware 2
nessus
nessus
openSUSE 10 Security Update : gvim (gvim-4092)
2007-10-17 00:00:00
Ubuntu 6.06 LTS / 6.10 / 7.04 : vim vulnerability (USN-505-1)
2007-11-10 00:00:00
SuSE9 Security Update : vim and gvim (YOU Patch Number 11722)
2009-09-24 00:00:00
openvas
openvas
Mandriva Update for vim MDKSA-2007:168 (vim)
2009-04-09 00:00:00
SLES9: Security update for vim and gvim
2009-10-10 00:00:00
Ubuntu: Security Advisory (USN-505-1)
2009-03-23 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:25:49
cve
cve
CVE-2007-2953
2007-07-31 10:17:00
freebsd
freebsd
vim -- Command Format String Vulnerability
2007-07-27 00:00:00
ubuntu
ubuntu
vim vulnerability
2007-08-28 00:00:00
ubuntucve
ubuntucve
CVE-2007-2953
2007-07-31 00:00:00
prion
prion
Format string
2007-07-31 10:17:00
cvelist
cvelist
CVE-2007-2953
2007-07-31 10:00:00
nvd
nvd
CVE-2007-2953
2007-07-31 10:17:00
debiancve
debiancve
CVE-2007-2953
2007-07-31 10:17:00
osv
osv
vim - several vulnerabilities
2007-09-19 00:00:00
vim
2007-09-19 00:00:00
debian
debian
[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities
2007-09-01 11:30:35
[SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities
2007-09-19 22:20:43
centos
centos
vim security update
2008-11-25 16:56:47
vim security update
2008-11-26 22:22:41
oraclelinux
oraclelinux
vim security update
2008-11-25 00:00:00
vim security update
2008-11-25 00:00:00
redhat
redhat
(RHSA-2008:0617) Moderate: vim security update
2008-11-25 00:00:00
(RHSA-2008:0580) Moderate: vim security update
2008-11-25 00:00:00
vmware
vmware
ESX Service Console updates for openssl, bind, and vim
2009-03-31 00:00:00
ESX Service Console updates for openssl, bind, and vim
2009-03-31 00:00:00

EPSS

0.331

Percentile

97.1%

JSON
Related for SSV:2059
nessus17openvas25veracode1cve1freebsd1ubuntu1ubuntucve1prion1cvelist1nvd1debiancve1osv2debian2centos2oraclelinux2redhat2vmware2