Podatność CVE-2008-3075
Publikacja: 2009-02-21   Modyfikacja: 2012-02-12

Opis:
The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive, which is not properly handled by zip.vim in the VIM ZIP plugin (zipPlugin.vim) v.11 through v.21, as demonstrated by the zipplugin and zipplugin.v2 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3074. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
High
Collection of Vulnerabilities in Fully Patched Vim 7.1
Jan Minar
24.02.2009

Typ:

CWE-94

 (Improper Control of Generation of Code ('Code Injection'))

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
9.3/10
10/10
8.6/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Średnia
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
VIM -> VIM 
VIM -> Zipplugin.vim 

 Referencje:
http://www.rdancer.org/vulnerablevim.html
http://www.openwall.com/lists/oss-security/2008/07/15/4
https://bugzilla.redhat.com/show_bug.cgi?id=467432
http://www.securityfocus.com/bid/32463
http://www.redhat.com/support/errata/RHSA-2008-0580.html
http://www.openwall.com/lists/oss-security/2008/10/20/2
http://www.openwall.com/lists/oss-security/2008/10/15/1
http://www.openwall.com/lists/oss-security/2008/08/01/1
http://www.openwall.com/lists/oss-security/2008/07/13/1
http://www.openwall.com/lists/oss-security/2008/07/10/7
http://www.openwall.com/lists/oss-security/2008/07/08/12
http://www.openwall.com/lists/oss-security/2008/07/07/4
http://www.openwall.com/lists/oss-security/2008/07/07/1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:236
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324
http://secunia.com/advisories/34418
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10246
http://marc.info/?l=bugtraq&m=121494431426308&w=2
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919
Copyright 2024, cxsecurity.com

 

Back to Top