| ID |
CVE-2007-2953
|
| Summary |
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:vim_development_group:vim:*:*:*:*:*:*:*:*
cpe:2.3:a:vim_development_group:vim:*:*:*:*:*:*:*:*
-
cpe:2.3:a:vim_development_group:vim:7.0:*:*:*:*:*:*:*
cpe:2.3:a:vim_development_group:vim:7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:vim_development_group:vim:7.1:*:*:*:*:*:*:*
cpe:2.3:a:vim_development_group:vim:7.1:*:*:*:*:*:*:*
-
cpe:2.3:a:vim_development_group:vim:7.1.38:*:*:*:*:*:*:*
cpe:2.3:a:vim_development_group:vim:7.1.38:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.8 (as of 16-10-2018 - 16:46) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| oval
via4
|
| accepted | 2013-04-29T04:14:40.356-04:00 | | class | vulnerability | | contributors | | name | Aharon Chernin | | organization | SCAP.com, LLC |
| name | Dragos Prisaca | | organization | G2, Inc. |
| | definition_extensions | | comment | The operating system installed on the system is Red Hat Enterprise Linux 3 | | oval | oval:org.mitre.oval:def:11782 |
| comment | CentOS Linux 3.x | | oval | oval:org.mitre.oval:def:16651 |
| comment | The operating system installed on the system is Red Hat Enterprise Linux 4 | | oval | oval:org.mitre.oval:def:11831 |
| comment | CentOS Linux 4.x | | oval | oval:org.mitre.oval:def:16636 |
| comment | Oracle Linux 4.x | | oval | oval:org.mitre.oval:def:15990 |
| comment | The operating system installed on the system is Red Hat Enterprise Linux 5 | | oval | oval:org.mitre.oval:def:11414 |
| comment | The operating system installed on the system is CentOS Linux 5.x | | oval | oval:org.mitre.oval:def:15802 |
| comment | Oracle Linux 5.x | | oval | oval:org.mitre.oval:def:15459 |
| | description | Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | | family | unix | | id | oval:org.mitre.oval:def:11549 | | status | accepted | | submitted | 2010-07-09T03:56:16-04:00 | | title | Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | | version | 30 |
| accepted | 2009-11-30T04:00:45.365-05:00 | | class | vulnerability | | contributors | | name | Michael Wood | | organization | Hewlett-Packard |
| name | Michael Wood | | organization | Hewlett-Packard |
| | definition_extensions | | comment | VMWare ESX Server 3.0.3 is installed | | oval | oval:org.mitre.oval:def:6026 |
| comment | VMWare ESX Server 3.0.2 is installed | | oval | oval:org.mitre.oval:def:5613 |
| comment | VMware ESX Server 3.5.0 is installed | | oval | oval:org.mitre.oval:def:5887 |
| | description | Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command. | | family | unix | | id | oval:org.mitre.oval:def:6463 | | status | accepted | | submitted | 2009-09-23T15:39:02.000-04:00 | | title | Vim HelpTags Command Remote Format String Vulnerability | | version | 3 |
|
| redhat
via4
|
| advisories | | | rpms | - vim-X11-2:7.0.109-4.el5_2.4z
- vim-common-2:7.0.109-4.el5_2.4z
- vim-debuginfo-2:7.0.109-4.el5_2.4z
- vim-enhanced-2:7.0.109-4.el5_2.4z
- vim-minimal-2:7.0.109-4.el5_2.4z
- vim-X11-1:6.3.046-0.30E.11
- vim-X11-1:6.3.046-1.el4_7.5z
- vim-common-1:6.3.046-0.30E.11
- vim-common-1:6.3.046-1.el4_7.5z
- vim-debuginfo-1:6.3.046-0.30E.11
- vim-debuginfo-1:6.3.046-1.el4_7.5z
- vim-enhanced-1:6.3.046-0.30E.11
- vim-enhanced-1:6.3.046-1.el4_7.5z
- vim-minimal-1:6.3.046-0.30E.11
- vim-minimal-1:6.3.046-1.el4_7.5z
|
|
| refmap
via4
|
| bid | 25095 | | bugtraq | - 20070730 FLEA-2007-0036-1 vim vim-minimal gvim
- 20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim
| | confirm | | | debian | DSA-1364 | | mandriva | - MDKSA-2007:168
- MDVSA-2008:236
| | misc | http://secunia.com/secunia_research/2007-66/advisory/ | | secunia | - 25941
- 26285
- 26522
- 26594
- 26653
- 26674
- 26822
- 32858
- 33410
| | suse | SUSE-SR:2007:018 | | trustix | 2007-0026 | | ubuntu | USN-505-1 | | vim | 20070823 vim editor duplicates / clarifications | | vupen | - ADV-2007-2687
- ADV-2009-0033
- ADV-2009-0904
| | xf | vim-helptagsone-code-execution(35655) |
|
| statements
via4
|
| contributor | Joshua Bressers | | lastmodified | 2007-08-06 | | organization | Red Hat | | statement | Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248542
The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
|
|
| Last major update |
16-10-2018 - 16:46 |
| Published |
31-07-2007 - 10:17 |
| Last modified |
16-10-2018 - 16:46 |
