FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

vim -- Command Format String Vulnerability

Affected packages
vim < 7.1.39
vim-console < 7.1.39
vim-lite < 7.1.39
vim-ruby < 7.1.39
vim6 < 7.1.39
vim6-ruby < 7.1.39

Details

VuXML ID 1ed03222-3c65-11dc-b3d3-0016179b2dd5
Discovery 2007-07-27
Entry 2007-07-27

A Secunia Advisory reports:

A format string error in the "helptags_one()" function in src/ex_cmds.c when running the "helptags" command can be exploited to execute arbitrary code via specially crafted help files.

References

CVE Name CVE-2007-2953
URL http://secunia.com/advisories/25941/