Moderate: vim security update
Security Advisory: Moderate
An update for vim is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Syste ...
Vim could be made to run programs as your login if it opened a specially
crafted file ...
Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi
editor, does not properly validate values for the filetype,
syntax and keymap options, which may result in the execution of
arbitrary code if a file with a specially crafted modeline is opened
For the stable distribution (jessie), this problem has been fixed in
version 2:7448 ...
A vulnerability was found in vim in how certain modeline options were treated An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim (modelines are disabled by default for root, and enabled by default for other users) ...
Arch Linux Security Advisory ASA-201611-29
Date : 2016-11-29
CVE-ID : CVE-2016-1248
Package : neovim
Type : arbitrary command execution
Remote : No
Link : wikiarchlinuxorg/indexphp/CVE
The package neovim before version 017-1 is vulnerable to arbitra ...
A vulnerability was found in vim in how certain modeline options were treated An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim ...
A vulnerability has been discovered in vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline This is due to lack of validation of values for a few options Those options' values are then used in vim's scripts to build a command string that's evaluated by execute, which is what allows the shell c ...
About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page
For more information about security, see the Apple Product Security page You can encrypt ...
Oracle Solaris Third Party Bulletin - April 2017
The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Upda ...
Oracle Linux Bulletin - January 2017
The Oracle Linux Bulletin lists all CVEs that had been resolved and announced
in Oracle Linux Security Advisories (ELSA) in the last one month prior to the
release of the bulletin Oracle Linux Bulletins are published on the same day
as Oracle Critical ...
Oracle VM Server for x86 Bulletin - January 2017
The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced
in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the
release of the bulletin Oracle VM Server for x86 Bulletins are pub ...