Bug#320017: Fwd: Re: Requesting CAN for vim vulnerability [was: [Full-disclosure] Help poor children in Uganda]

Martin Pitt Tue, 26 Jul 2005 15:05:36 -0700

----- Forwarded message from "Steven M. Christey" <[EMAIL PROTECTED]> -----


Date: Tue, 26 Jul 2005 15:06:02 -0400 (EDT)
From: "Steven M. Christey" <[EMAIL PROTECTED]>
To: Martin Pitt <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: Requesting CAN for vim vulnerability [was: [Full-disclosure]
 Help poor children in Uganda]
X-Spam-Status: No, score=2.0 required=4.0 tests=AWL,BAYES_95 autolearn=no 
        version=3.0.3


Here you go...

======================================================
Candidate: CAN-2005-2368
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368
Reference: FULLDISC:20050725 Help poor children in Uganda
Reference: 
URL:http://lists.grok.org.uk/pipermail/full-disclosure/2005-July/035402.html
Reference: 
MISC:http://www.guninski.com/where_do_you_want_billg_to_go_today_5.html

vim 6.3 before 6.3.082, with modelines enabled, allows attackers to
execute arbitrary commands via shell metacharacters in the (1) glob or
(2) expand commands of a foldexpr expression for calculating fold
levels.



----- End forwarded message -----

-- 
Martin Pitt        http://www.piware.de
Ubuntu Developer   http://www.ubuntu.com
Debian Developer   http://www.debian.org

signature.asc
Description: Digital signature

Bug#320017: Fwd: Re: Requesting CAN for vim vulnerability [was: [Full-disclosure] Help poor children in Uganda]

Reply via email to