Lucene search
Ubuntu.comUB:CVE-2007-2438HistoryMay 02, 2007 - 12:00 a.m.
CVE-2007-2438
2007-05-0200:00:00
ubuntu.com
ubuntu.com
14
CVSS2
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS
0.018
Percentile
88.3%
The sandbox for vim allows dangerous functions such as (1) writefile, (2)
feedkeys, and (3) system, which might allow user-assisted attackers to
execute shell commands and write files via modelines.
Related
openvas
openvas
Ubuntu Update for vim vulnerability USN-463-1
2009-03-23 00:00:00
Ubuntu: Security Advisory (USN-463-1)
2009-03-23 00:00:00
Mandriva Update for vim MDKSA-2007:101 (vim)
2009-04-09 00:00:00
nessus
nessus
Oracle Linux 5 : vim (ELSA-2007-0346)
2013-07-12 00:00:00
openSUSE 10 Security Update : vim (vim-3410)
2007-10-17 00:00:00
Mandrake Linux Security Advisory : vim (MDKSA-2007:101)
2007-05-10 00:00:00
redhat
redhat
(RHSA-2007:0346) Moderate: vim security update
2007-05-09 00:00:00
oraclelinux
oraclelinux
Moderate: vim security update
2007-06-26 00:00:00
cve
cve
CVE-2007-2438
2007-05-02 21:19:00
CVE-2007-2653
2007-05-14 21:19:00
centos
centos
vim security update
2007-05-10 15:37:27
prion
prion
Command injection
2007-05-02 21:19:00
Design/Logic Flaw
2007-05-14 21:19:00
cvelist
cvelist
CVE-2007-2438
2007-05-02 21:00:00
securityvulns
securityvulns
[ MDKSA-2007:101 ] - Updated vim packages fix vulnerability
2007-05-12 00:00:00
vim sandbox protection bypass
2007-05-12 00:00:00
ubuntu
ubuntu
vim vulnerability
2007-05-23 00:00:00
debiancve
debiancve
CVE-2007-2438
2007-05-02 21:19:00
nvd
nvd
CVE-2007-2438
2007-05-02 21:19:00
CVE-2007-2653
2007-05-14 21:19:00
osv
osv
vim
2007-09-19 00:00:00
vim - several vulnerabilities
2007-09-19 00:00:00
debian
debian
[SECURITY] [DSA 1364-2] New vim packages fix several vulnerabilities
2007-09-19 22:20:43
[SECURITY] [DSA 1364-1] New vim packages fix several vulnerabilities
2007-09-01 11:30:35
CVSS2
7.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
EPSS
0.018
Percentile
88.3%
Related for UB:CVE-2007-2438