FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2005-2368

This CVE name corresponds to:

Entered Topic
2005-07-31 vim -- vulnerabilities in modeline handling: glob, expand

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2005-2368
Phase Assigned(20050726)

Description

vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.

References

Source Reference
FULLDISC 20050725 Help poor children in Uganda
MISC http://www.guninski.com/where_do_you_want_billg_to_go_today_5.html
REDHAT RHSA-2005:745
BID 14374
OVAL oval:org.mitre.oval:def:11302