oss-sec mailing list archives

[oss-list] CVE request (vim)

From: Jan Lieskovsky <jlieskov () redhat com>
Date: Thu, 11 Sep 2008 16:56:36 +0200

Hello Steve,

  found relatively old issue in Vim, which was not covered
by the CVE-2008-2712 patch. Could you please assign a new
CVE id for it:

Report: http://www.rdancer.org/vulnerablevim-K.html  [1]
Proposed patch: 
http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2
Other references: https://bugzilla.redhat.com/show_bug.cgi?id=461927

Affected versions: Successfully reproduced on vim-6.0-7.15 through vim-7.1.291-1.

Proof of concept: See part "4. EXPLOIT" from [1] report. The xclock
                  part is easily reproducible.

Impact: Arbitrary code execution.

Thank you in advance
Kind regards
Jan iankko Lieskovsky
RH Security Response Team

Current thread:

[oss-list] CVE request (vim) Jan Lieskovsky (Sep 11)
- Re: [oss-list] CVE request (vim) Pınar Yanardağ (Sep 11)
  - Re: [oss-list] CVE request (vim) Steven M. Christey (Sep 15)
- Re: [oss-list] CVE request (vim) Jan Minář (Sep 11)
- Re: [oss-list] CVE request (vim) Steven M. Christey (Sep 15)