oval:org.mitre.oval:def:10754
Definition Id: oval:org.mitre.oval:def:10754 | |||
Oval ID: | oval:org.mitre.oval:def:10754 | ||
Title: | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier. | ||
Description: | The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3074 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15802 | |||
Oval ID: | oval:org.mitre.oval:def:15802 | ||
Title: | The operating system installed on the system is CentOS Linux 5.x | ||
Description: | The operating system installed on the system is CentOS Linux 5.x | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:centos:centos:5 | Version: | 7 |
Platform(s): | CentOS Linux 5 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:10754 |
Definition Id: oval:org.mitre.oval:def:15459 | |||
Oval ID: | oval:org.mitre.oval:def:15459 | ||
Title: | Oracle Linux 5.x | ||
Description: | The operating system installed on the system is Oracle Linux 5.x | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:oracle:linux:5 | Version: | 7 |
Platform(s): | Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:10754 |
Definition Id: oval:org.mitre.oval:def:11414 | |||
Oval ID: | oval:org.mitre.oval:def:11414 | ||
Title: | The operating system installed on the system is Red Hat Enterprise Linux 5 | ||
Description: | The operating system installed on the system is Red Hat Enterprise Linux 5. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:redhat:enterprise_linux:5 | Version: | 7 |
Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:10754 |