The shellescape function in Vim 7.0 up to and including 7.2, including 7.2a.10, allows user-assisted malicious users to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
vim vim 7.2 |
||
vim tar.vim v.12 |
||
vim tar.vim v.13 |
||
vim tar.vim v.20 |
||
vim tar.vim v.21 |
||
vim vim 7.1 |
||
vim vim 7.0 |
||
vim tar.vim v.16 |
||
vim tar.vim v.17 |
||
vim vim 7.1.314 |
||
vim vim 7.1.266 |
||
vim tar.vim v.14 |
||
vim tar.vim v.15 |
||
vim tar.vim v.22 |
||
vim tar.vim v.10 |
||
vim tar.vim v.11 |
||
vim tar.vim v.18 |
||
vim tar.vim v.19 |
Vulmon