This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Summuary | |
|---|---|
| CPE Name | cpe:/a:vim:vim:7.1.259 |
| Detail | |||
|---|---|---|---|
| Vendor | Vim | First view | 2008-06-16 |
| Product | Vim | Last view | 2019-06-05 |
| Version | 7.1.259 | Type | Application |
| Edition | |||
| Language | |||
| Update | |||
| CPE Product | cpe:/a:vim:vim | ||
Activity : Overall
Related : CVE
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 9.3 | 2019-06-05 | CVE-2019-12735 | Network | Medium | None Requ... | |
| 2.1 | 2017-12-01 | CVE-2017-17087 | Local | Low | None Requ... | |
| 2.1 | 2017-10-31 | CVE-2017-1000382 | Local | Low | None Requ... | |
| 7.5 | 2017-02-27 | CVE-2017-6350 | Network | Low | None Requ... | |
| 7.5 | 2017-02-27 | CVE-2017-6349 | Network | Low | None Requ... | |
| Date | Alert | Access Vector | Access Complexity | Authentication | ||
|---|---|---|---|---|---|---|
| 7.5 | 2017-02-10 | CVE-2017-5953 | Network | Low | None Requ... | |
| 6.8 | 2016-11-23 | CVE-2016-1248 | Network | Medium | None Requ... | |
| 6.9 | 2009-01-28 | CVE-2009-0316 | Local | Medium | None Requ... | |
| 9.3 | 2008-09-18 | CVE-2008-4101 | Network | Medium | None Requ... | |
| 9.3 | 2008-06-16 | CVE-2008-2712 | Network | Medium | None Requ... |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (3) | CWE-190 | Integer Overflow or Wraparound |
| 33% (3) | CWE-20 | Improper Input Validation |
| 22% (2) | CWE-200 | Information Exposure |
| 11% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:7596 | DSA-1733 vim -- several vulnerabilities |
| oval:org.mitre.oval:def:5812 | Vim Insufficient Shell Escaping Multiple Command Execution Vulnerability |
| oval:org.mitre.oval:def:20113 | DSA-1733-1 vim - multiple vulnerabilities |
| oval:org.mitre.oval:def:12922 | USN-712-1 -- vim vulnerabilities |
| oval:org.mitre.oval:def:10894 | Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which... |
| id | Name |
|---|---|
| oval:org.mitre.oval:def:6238 | Vim Flaw in Quoting Vim Script Lets Remote Users Cause Arbitrary Commands to ... |
| oval:org.mitre.oval:def:11109 | Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 53373 | Python PySys_SetArgv API Function Search Path Subversion Local Privilege Esca... |
| 51437 | Vim Character Escaping Weakness Arbitrary Command Execution |
| 51435 | Vim execute/system Function Arbitrary Command Execution |
| 46306 | Vim Multiple Script execute Command Arbitrary Shell Command Injection |
OpenVAS Exploits
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X Security Update 2008-007 File : nvt/macosx_secupd_2008-007.nasl |
| 2010-05-12 | Name : Mac OS X 10.6.3 Update / Mac OS X Security Update 2010-002 File : nvt/macosx_upd_10_6_3_secupd_2010-002.nasl |
| 2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
| 2009-10-13 | Name : SLES10: Security update for vim File : nvt/sles10_gvim.nasl |
| 2009-10-10 | Name : SLES9: Security update for ViM File : nvt/sles9p5044520.nasl |
| id | Description |
|---|---|
| 2009-06-05 | Name : Ubuntu USN-723-1 (git-core) File : nvt/ubuntu_723_1.nasl |
| 2009-04-09 | Name : Mandriva Update for vim MDVSA-2008:236 (vim) File : nvt/gb_mandriva_MDVSA_2008_236.nasl |
| 2009-04-09 | Name : Mandriva Update for vim MDVSA-2008:236-1 (vim) File : nvt/gb_mandriva_MDVSA_2008_236_1.nasl |
| 2009-03-31 | Name : SuSE Security Summary SUSE-SR:2009:007 File : nvt/suse_sr_2009_007.nasl |
| 2009-03-07 | Name : Debian Security Advisory DSA 1733-1 (vim) File : nvt/deb_1733_1.nasl |
| 2009-03-06 | Name : RedHat Update for vim RHSA-2008:0580-01 File : nvt/gb_RHSA-2008_0580-01_vim.nasl |
| 2009-03-06 | Name : RedHat Update for vim RHSA-2008:0617-01 File : nvt/gb_RHSA-2008_0617-01_vim.nasl |
| 2009-03-06 | Name : RedHat Update for vim RHSA-2008:0618-01 File : nvt/gb_RHSA-2008_0618-01_vim.nasl |
| 2009-03-02 | Name : Mandrake Security Advisory MDVSA-2009:047-1 (vim) File : nvt/mdksa_2009_047_1.nasl |
| 2009-02-27 | Name : CentOS Update for vim-common CESA-2008:0617 centos3 i386 File : nvt/gb_CESA-2008_0617_vim-common_centos3_i386.nasl |
| 2009-02-27 | Name : CentOS Update for vim-common CESA-2008:0617 centos3 x86_64 File : nvt/gb_CESA-2008_0617_vim-common_centos3_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for vim-common CESA-2008:0617 centos4 i386 File : nvt/gb_CESA-2008_0617_vim-common_centos4_i386.nasl |
| 2009-02-27 | Name : CentOS Update for vim-common CESA-2008:0617 centos4 x86_64 File : nvt/gb_CESA-2008_0617_vim-common_centos4_x86_64.nasl |
| 2009-02-27 | Name : CentOS Update for vim CESA-2008:0618-01 centos2 i386 File : nvt/gb_CESA-2008_0618-01_vim_centos2_i386.nasl |
| 2009-02-23 | Name : Mandrake Security Advisory MDVSA-2009:047 (vim) File : nvt/mdksa_2009_047.nasl |
| 2009-02-02 | Name : Ubuntu USN-710-1 (xine-lib) File : nvt/ubuntu_710_1.nasl |
| 2009-02-02 | Name : Ubuntu USN-711-1 (ktorrent) File : nvt/ubuntu_711_1.nasl |
| 2009-02-02 | Name : Ubuntu USN-712-1 (vim) File : nvt/ubuntu_712_1.nasl |
| 2008-12-02 | Name : Vim Shell Command Injection Vulnerability (Linux) File : nvt/secpod_vim_shell_cmd_injection_vuln_lin_900412.nasl |
| 2008-12-02 | Name : Vim Shell Command Injection Vulnerability (Win) File : nvt/secpod_vim_shell_cmd_injection_vuln_win_900411.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-08-08 | Vim modelines remote command execution attempt RuleID : 43482 - Type : FILE-OTHER - Revision : 3 |
| 2017-08-08 | Vim modelines remote command execution attempt RuleID : 43481 - Type : FILE-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
| id | Description |
|---|---|
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2016-0012.nasl - Type : ACT_GATHER_INFO |
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2017-0006.nasl - Type : ACT_GATHER_INFO |
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2017-0007.nasl - Type : ACT_GATHER_INFO |
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-1_0-0167.nasl - Type : ACT_GATHER_INFO |
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0070.nasl - Type : ACT_GATHER_INFO |
| id | Description |
|---|---|
| 2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0076.nasl - Type : ACT_GATHER_INFO |
| 2018-06-28 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2018-1171.nasl - Type : ACT_GATHER_INFO |
| 2017-11-01 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL22183127.nasl - Type : ACT_GATHER_INFO |
| 2017-08-08 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2017-1148.nasl - Type : ACT_GATHER_INFO |
| 2017-08-08 | Name : The remote EulerOS host is missing a security update. File : EulerOS_SA-2017-1149.nasl - Type : ACT_GATHER_INFO |
| 2017-07-07 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-788.nasl - Type : ACT_GATHER_INFO |
| 2017-07-05 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-1775-1.nasl - Type : ACT_GATHER_INFO |
| 2017-06-29 | Name : The remote SUSE host is missing one or more security updates. File : suse_SU-2017-1712-1.nasl - Type : ACT_GATHER_INFO |
| 2017-06-23 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201706-26.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1033.nasl - Type : ACT_GATHER_INFO |
| 2017-05-01 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2017-1034.nasl - Type : ACT_GATHER_INFO |
| 2017-03-30 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2017-809.nasl - Type : ACT_GATHER_INFO |
| 2017-03-10 | Name : The remote Debian host is missing a security update. File : debian_DLA-850.nasl - Type : ACT_GATHER_INFO |
| 2017-03-06 | Name : The remote Fedora host is missing a security update. File : fedora_2017-e9171a0c00.nasl - Type : ACT_GATHER_INFO |
| 2017-03-03 | Name : The remote Fedora host is missing a security update. File : fedora_2017-8494d0142c.nasl - Type : ACT_GATHER_INFO |
| 2017-02-28 | Name : The remote Fedora host is missing a security update. File : fedora_2017-9b2cf468d5.nasl - Type : ACT_GATHER_INFO |
| 2017-02-21 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2017-280.nasl - Type : ACT_GATHER_INFO |
| 2017-02-15 | Name : The remote Fedora host is missing a security update. File : fedora_2017-595fec72ef.nasl - Type : ACT_GATHER_INFO |
| 2017-02-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-3786.nasl - Type : ACT_GATHER_INFO |
| 2017-02-13 | Name : The remote Debian host is missing a security update. File : debian_DLA-822.nasl - Type : ACT_GATHER_INFO |
