Launchpad CVE tracker

CVE 2007-2953

Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.

Related bugs and status

CVE-2007-2953 (Candidate) is related to these bugs:

Bug #150858: [vim] [dapper-backports] Format string vulnerability in the helptags_one function

Summary				In	Importance	Status
	150858	[vim] [dapper-backports] Format string vulnerability in the helptags_one function		vim (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/sec...
CONFIRM: ftp://ftp.vim.org/pub/...
BID: 25095
SECUNIA: 25941
CONFIRM: https://issues.rpath.c...
SECUNIA: 26285
DEBIAN: DSA-1364
SUSE: SUSE-SR:2007:018
UBUNTU: USN-505-1
SECUNIA: 26594
SECUNIA: 26653
SECUNIA: 26674
TRUSTIX: 2007-0026
SECUNIA: 26822
VIM: 20070823 vim editor du...
MANDRIVA: MDKSA-2007:168
SECUNIA: 26522
CONFIRM: http://support.avaya.c...
SECUNIA: 33410
REDHAT: RHSA-2008:0617
MANDRIVA: MDVSA-2008:236
REDHAT: RHSA-2008:0580
CONFIRM: http://www.vmware.com/...
VUPEN: ADV-2009-0904
VUPEN: ADV-2007-2687
VUPEN: ADV-2009-0033
SECUNIA: 32858
XF: vim-helptagsone-code-e...
OVAL: oval:org.mitre.oval:de...
OVAL: oval:org.mitre.oval:de...
BUGTRAQ: 20070730 FLEA-2007-003...
BUGTRAQ: 20090401 VMSA-2009-000...

Launchpad.net

CVE 2007-2953

Related bugs and status

Related bugs

References