Oval Definition:oval:org.mitre.oval:def:12922
Revision Date:2014-06-30Version:20
Title:USN-712-1 -- vim vulnerabilities
Description:Jan Minar discovered that Vim did not properly sanitize inputs before invoking the execute or system functions inside Vim scripts. If a user were tricked into running Vim scripts with a specially crafted input, an attacker could execute arbitrary code with the privileges of the user invoking the program. Ben Schmidt discovered that Vim did not properly escape characters when performing keyword or tag lookups. If a user were tricked into running specially crafted commands, an attacker could execute arbitrary code with the privileges of the user invoking the program
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2008-2712
CVE-2008-4101
USN-712-1
USN-712-1
Platform(s):Ubuntu 6.06
Ubuntu 7.10
Ubuntu 8.04
Ubuntu 8.10
Product(s):vim
Definition Synopsis
  • Release section
  • Ubuntu 7.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • vim-doc DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-runtime DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-gui-common DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • vim-tcl DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-common DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-gnome DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-ruby DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-gtk DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-python DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-tiny DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-full DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR vim-perl DPKG is earlier than 1:7.1-056+2ubuntu2.1
  • OR Release section
  • Ubuntu 8.04 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • vim-tcl DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-doc DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-runtime DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-perl DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-ruby DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-full DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-gui-common DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-python DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • vim-common DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-gnome DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-gtk DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-nox DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim-tiny DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR vim DPKG is earlier than 1:7.1-138+1ubuntu3.1
  • OR Release section
  • Ubuntu 6.06 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • vim-doc DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-runtime DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is amd64
  • OR Installed architecture is i386
  • AND Packages section
  • vim-tcl DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-common DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-gnome DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-ruby DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-gtk DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-gui-common DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-python DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-tiny DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR vim-perl DPKG is earlier than 1:6.4-006+2ubuntu6.2
  • OR Release section
  • Ubuntu 8.10 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • vim-tcl DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-doc DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-runtime DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-perl DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-ruby DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-full DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-gui-common DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-python DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is lpia
  • AND Packages section
  • vim-common DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-gnome DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-gtk DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-tiny DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-nox DPKG is earlier than 1:7.1.314-3ubuntu3.1
  • OR vim-dbg DPKG is earlier than 1:7.1.314-3ubuntu3.1
    • BACK