Vim 3.0 up to and including 7.x prior to 7.2.010 does not properly escape characters, which allows user-assisted malicious users to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vim vim 5.2 |
||
vim vim 5.3 |
||
vim vim 6.1 |
||
vim vim 6.2 |
||
vim vim 5.4 |
||
vim vim 5.5 |
||
vim vim 6.3 |
||
vim vim 6.4 |
||
vim vim 5.0 |
||
vim vim 5.1 |
||
vim vim 5.8 |
||
vim vim 6.0 |
||
vim vim |
||
vim vim 3.0 |
||
vim vim 4.0 |
||
vim vim 5.6 |
||
vim vim 5.7 |
||
vim vim 7.0 |
||
vim vim 7.1 |