Create an account

Subscribe to LWN

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Weekly edition	Kernel	Security	Distributions	Contact Us	Search
Archives	Calendar	Subscribe	Write for LWN	LWN.net FAQ	Sponsors

vim: arbitrary code execution

Package(s):

vim

CVE #(s):

CVE-2007-2953

Created:

July 30, 2007

Updated:

November 27, 2008

Description:

vim is vulnerable to a user-assisted attack in which vim may execute arbitrary code when helptags is run on data that has been maliciously crafted.

Alerts:

CentOS	CESA-2008:0580	2008-11-26
CentOS	CESA-2008:0617	2008-11-25
Red Hat	RHSA-2008:0617-01	2008-11-25
Red Hat	RHSA-2008:0580-01	2008-11-25
Debian	DSA-1364-2	2007-09-19
Debian	DSA-1364-1	2007-09-01
Ubuntu	USN-505-1	2007-08-28
Mandriva	MDKSA-2007:168	2007-08-21
rPath	rPSA-2007-0151-1	2007-07-31
Foresight	FLEA-2007-0036-1	2007-07-30

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds