|Bugzilla:||461927: CVE-2008-4101 vim: arbitrary code execution in commands: K, Control-], g]|
The MITRE CVE dictionary describes this issue as:
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
Red Hat security errata
|Red Hat Enterprise Linux version 2.1 (vim)||RHSA-2008:0618||November 25, 2008|
|Red Hat Enterprise Linux version 3 (vim)||RHSA-2008:0617||November 25, 2008|
|Red Hat Enterprise Linux version 4 (vim)||RHSA-2008:0617||November 25, 2008|
|Red Hat Enterprise Linux version 5 (vim)||RHSA-2008:0580||November 25, 2008|
This page is generated automatically and has not been checked for errors or omissions.
For clarification or corrections please contact the Red Hat Security Response Team.