RHSA-2008:0617: Moderate: vim security update

First published: Tue Nov 25 2008(Updated: )

Vim (Visual editor IMproved) is an updated and improved version of the vi<br>editor.<br>Several input sanitization flaws were found in Vim's keyword and tag<br>handling. If Vim looked up a document's maliciously crafted tag or keyword,<br>it was possible to execute arbitrary code as the user running Vim.<br>(CVE-2008-4101)<br>A heap-based overflow flaw was discovered in Vim's expansion of file name<br>patterns with shell wildcards. An attacker could create a specially-crafted<br>file or directory name that, when opened by Vim, caused the application to<br>crash or, possibly, execute arbitrary code. (CVE-2008-3432)<br>Several input sanitization flaws were found in various Vim system<br>functions. If a user opened a specially crafted file, it was possible to<br>execute arbitrary code as the user running Vim. (CVE-2008-2712)<br>Ulf Härnhammar, of Secunia Research, discovered a format string flaw in<br>Vim's help tag processor. If a user was tricked into executing the<br>"helptags" command on malicious data, arbitrary code could be executed with<br>the permissions of the user running Vim. (CVE-2007-2953)<br>All Vim users are advised to upgrade to these updated packages, which<br>contain backported patches to correct these issues.<br>

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/description
• agent/event
• agent/first-publish-date
• agent/last-modified-date
• agent/references
• agent/remedy
• agent/severity
• agent/softwarecombine
• agent/tags
• agent/title
• agent/type
• collector/redhat-errata
• source/Red Hat
• anchor-id/RHSA-2008:0617
• agent/software-canonical-lookup
• package-manager/redhat