Public Date:
461927: CVE-2008-4101 vim: arbitrary code execution in commands: K, Control-], g]

The MITRE CVE dictionary describes this issue as:

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.

Find out more about CVE-2008-4101 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 4 (vim) RHSA-2008:0617 2008-11-25
Red Hat Enterprise Linux 5 (vim) RHSA-2008:0580 2008-11-25
Red Hat Enterprise Linux 2.1 (vim) RHSA-2008:0618 2008-11-25
Red Hat Enterprise Linux 3 (vim) RHSA-2008:0617 2008-11-25


Last Modified

CVE description copyright © 2017, The MITRE Corporation