vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-07-26 04:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-2368
Mitre link : CVE-2005-2368
CVE.ORG link : CVE-2005-2368
JSON object : View
Products Affected
vim_development_group
- vim
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')