fkie_cve-2008-4101
Vulnerability from fkie_nvd
Published
2008-09-18 17:59
Modified
2024-11-21 00:50
Severity ?
Summary
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
References
cve@mitre.orghttp://ftp.vim.org/pub/vim/patches/7.2/7.2.010Exploit
cve@mitre.orghttp://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2
cve@mitre.orghttp://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2Patch
cve@mitre.orghttp://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668eExploit
cve@mitre.orghttp://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33Patch
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
cve@mitre.orghttp://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
cve@mitre.orghttp://secunia.com/advisories/31592
cve@mitre.orghttp://secunia.com/advisories/32222
cve@mitre.orghttp://secunia.com/advisories/32858
cve@mitre.orghttp://secunia.com/advisories/32864
cve@mitre.orghttp://secunia.com/advisories/33410
cve@mitre.orghttp://support.apple.com/kb/HT3216
cve@mitre.orghttp://support.apple.com/kb/HT4077
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2008-457.htm
cve@mitre.orghttp://support.avaya.com/elmodocs2/security/ASA-2009-001.htm
cve@mitre.orghttp://www.mandriva.com/security/advisories?name=MDVSA-2008:236
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2008/09/11/3
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2008/09/11/4
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2008/09/16/5
cve@mitre.orghttp://www.openwall.com/lists/oss-security/2008/09/16/6
cve@mitre.orghttp://www.rdancer.org/vulnerablevim-K.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0580.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0617.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2008-0618.html
cve@mitre.orghttp://www.securityfocus.com/archive/1/495662
cve@mitre.orghttp://www.securityfocus.com/archive/1/495703
cve@mitre.orghttp://www.securityfocus.com/archive/1/502322/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/30795
cve@mitre.orghttp://www.securityfocus.com/bid/31681
cve@mitre.orghttp://www.ubuntu.com/usn/USN-712-1
cve@mitre.orghttp://www.vmware.com/security/advisories/VMSA-2009-0004.html
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/2780
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/0033
cve@mitre.orghttp://www.vupen.com/english/advisories/2009/0904
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=461927
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/44626
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812
af854a3a-2127-422b-91ae-364da2661108http://ftp.vim.org/pub/vim/patches/7.2/7.2.010Exploit
af854a3a-2127-422b-91ae-364da2661108http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2
af854a3a-2127-422b-91ae-364da2661108http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2Patch
af854a3a-2127-422b-91ae-364da2661108http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668eExploit
af854a3a-2127-422b-91ae-364da2661108http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33Patch
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/31592
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32222
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32858
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32864
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33410
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT3216
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT4077
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2008-457.htm
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2008:236
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/09/11/3
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/09/11/4
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/09/16/5
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/09/16/6
af854a3a-2127-422b-91ae-364da2661108http://www.rdancer.org/vulnerablevim-K.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0580.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0617.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2008-0618.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495662
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/495703
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/502322/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/30795
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/31681
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-712-1
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/security/advisories/VMSA-2009-0004.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/2780
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0033
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0904
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=461927
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/44626
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812
Impacted products
Vendor Product Version
vim vim *
vim vim 3.0
vim vim 4.0
vim vim 5.0
vim vim 5.1
vim vim 5.2
vim vim 5.3
vim vim 5.4
vim vim 5.5
vim vim 5.6
vim vim 5.7
vim vim 5.8
vim vim 6.0
vim vim 6.1
vim vim 6.2
vim vim 6.3
vim vim 6.4
vim vim 7.0
vim vim 7.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC771166-EF16-4755-ABD4-9390F366FE92",
              "versionEndIncluding": "7.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B91822-8DC4-471C-B6D4-EC7F114914B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B90731-2B67-4859-A873-EFEFE4A66CF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F325C23E-BFBC-4371-AF74-E189FC2515F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2527B955-E25A-4A33-A6F4-27DEDA99C7F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEA82FC2-F2A3-4BE2-8EE2-5A3BC3555401",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "808C36C4-0523-4FBC-B3B7-3E6E29FF24EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "404E256E-B823-4BC4-8F29-C3724604F474",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75F0563C-7156-4166-87AA-4C122F26CABB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0CDFBFEB-D79E-4CEB-905E-FA89A0F0D494",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAEC13F6-0526-47FB-BF98-D864CE297D60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "477A2C0C-5229-4A08-8AB1-B9C8C2D4F3FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9FE70D0-5931-49D1-A750-7D03C8C28228",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A08C510-8774-4FEB-BCA3-1868F692BF94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "464D5E9A-EB5A-47AB-8657-15A68AD30D59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F4F51CA-18C1-4043-B4E6-F1AD9D3C1346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2BAA6B0-4956-4D98-872A-BCCBD0D4CE16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "97CCAA40-55CE-4AB9-9268-AADA06E29B9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:vim:vim:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8C5B265-A7DD-4D24-864C-BF1FEEF8F138",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a \";\" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) \"Ctrl-]\" (control close-square-bracket) or (3) \"g]\" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712."
    },
    {
      "lang": "es",
      "value": "Vim 3.0 hasta 7.x anterior a 7.2.010, no escapa los caracteres de forma adecuada, esto permite a atacantes con la ayuda del usuario local (1) ejecutar instrucciones de su elecci\u00f3n en el int\u00e9rprete de comandos al introducir una pulsaci\u00f3n de la tecla K en una l\u00ednea que contiene un \";\" (punto y coma), seguido de un comando, o ejecutar comandos Ex de su elecci\u00f3n al introducir un argumento despu\u00e9s de una secuencia de teclado: (2)\"Ctrl-]\" (control corchete de cierre) o (3) \"g]\" (g corchete de cierre). NOTA: se trata de una vulnerabilidad diferente de CVE-2008-2712."
    }
  ],
  "evaluatorSolution": "Must have a valid e-mail address to access the patch on the \"google groups\" link.",
  "id": "CVE-2008-4101",
  "lastModified": "2024-11-21T00:50:54.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2008-09-18T17:59:32.877",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://ftp.vim.org/pub/vim/patches/7.2/7.2.010"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/31592"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32222"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32858"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/32864"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/33410"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT3216"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-457.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:236"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/11/3"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/11/4"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/16/5"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/16/6"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.rdancer.org/vulnerablevim-K.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0580.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0617.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0618.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495662"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/495703"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/502322/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/30795"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/31681"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-712-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0004.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/2780"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0033"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0904"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461927"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44626"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://ftp.vim.org/pub/vim/patches/7.2/7.2.010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://groups.google.com/group/vim_dev/attach/9290f26f9bc11b33/K-arbitrary-command-execution.patch.v3?part=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://groups.google.com/group/vim_dev/attach/dd32ad3a84f36bb2/K-arbitrary-command-execution.patch?part=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://groups.google.com/group/vim_dev/browse_thread/thread/1434d0812b5c817e/6ad2d5b50a96668e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://groups.google.com/group/vim_dev/msg/9290f26f9bc11b33"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31592"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32858"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/32864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/33410"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT3216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT4077"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2008-457.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:236"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/11/3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/11/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/16/5"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2008/09/16/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.rdancer.org/vulnerablevim-K.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0580.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0617.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0618.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495662"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/495703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502322/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/30795"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-712-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vmware.com/security/advisories/VMSA-2009-0004.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2780"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0033"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=461927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44626"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5812"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.