Skip to navigation

CVE Database

CVE-2009-0316

Impact: Low
Public: 2008-08-06
Bugzilla: 481565: CVE-2009-0316 vim: untrusted python modules search path

Details

The MITRE CVE dictionary describes this issue as:

Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair.

Find out more about CVE-2009-0316 from the MITRE CVE dictionary and NIST NVD.

Statement

This issue does not affect vim as shipped in Red Hat Enterprise Linux 3 and 4.

This issue does affect vim in Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this issue as having low
security impact, a future update may address this flaw. More information
regarding issue severity can be found here:
http://www.redhat.com/security/updates/classification/

Red Hat security errata

Platform Errata Release Date

External References

This page is generated automatically and has not been checked for errors or omissions.

For clarification or corrections please contact the Red Hat Security Response Team.