FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection


This CVE name corresponds to:

Entered Topic
2005-07-31 vim -- vulnerabilities in modeline handling: glob, expand

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.


Type Candidate
Name CVE-2005-2368
Phase Assigned(20050726)


vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.


Source Reference
FULLDISC 20050725 Help poor children in Uganda
REDHAT RHSA-2005:745
BID 14374
OVAL oval:org.mitre.oval:def:11302