Vulnerability Name:

CVE-2007-2953 (CCN-35655)

Assigned:2007-07-25
Published:2007-07-25
Updated:2018-10-16
Summary:Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
CVSS v3 Severity:5.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
5.1 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)
3.8 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Vim FTP Web site
FTP directory /pub/vim/patches/7.1/ at ftp.vim.org

Source: CONFIRM
Type: Patch
ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039

Source: MITRE
Type: CNA
CVE-2007-2953

Source: CCN
Type: RHSA-2008-0580
Moderate: vim security update

Source: CCN
Type: RHSA-2008-0617
Moderate: vim security update

Source: CCN
Type: SA25941
Vim "helptags" Command Format String Vulnerability

Source: SECUNIA
Type: Patch, Vendor Advisory
25941

Source: SECUNIA
Type: UNKNOWN
26285

Source: SECUNIA
Type: UNKNOWN
26522

Source: SECUNIA
Type: UNKNOWN
26594

Source: SECUNIA
Type: UNKNOWN
26653

Source: SECUNIA
Type: UNKNOWN
26674

Source: SECUNIA
Type: UNKNOWN
26822

Source: SECUNIA
Type: UNKNOWN
32858

Source: CCN
Type: SA33410
Avaya Products Vim Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
33410

Source: MISC
Type: Patch, Vendor Advisory
http://secunia.com/secunia_research/2007-66/advisory/

Source: CONFIRM
Type: UNKNOWN
http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm

Source: CCN
Type: ASA-2009-001
vim security update (RHSA-2008-0617)

Source: VIM
Type: UNKNOWN
20070823 vim editor duplicates / clarifications

Source: DEBIAN
Type: UNKNOWN
DSA-1364

Source: DEBIAN
Type: DSA-1364
vim -- several vulnerabilities

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2007:168

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2008:236

Source: SUSE
Type: UNKNOWN
SUSE-SR:2007:018

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0580

Source: REDHAT
Type: UNKNOWN
RHSA-2008:0617

Source: BUGTRAQ
Type: UNKNOWN
20070730 FLEA-2007-0036-1 vim vim-minimal gvim

Source: BUGTRAQ
Type: UNKNOWN
20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim

Source: BID
Type: Patch
25095

Source: CCN
Type: BID-25095
Vim HelpTags Command Remote Format String Vulnerability

Source: TRUSTIX
Type: UNKNOWN
2007-0026

Source: CCN
Type: USN-505-1
vim vulnerability

Source: UBUNTU
Type: UNKNOWN
USN-505-1

Source: CCN
Type: VMSA-2009-0004
ESX Service Console updates for openssl, bind, and vim

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2009-0004.html

Source: VUPEN
Type: UNKNOWN
ADV-2007-2687

Source: VUPEN
Type: UNKNOWN
ADV-2009-0033

Source: VUPEN
Type: UNKNOWN
ADV-2009-0904

Source: XF
Type: UNKNOWN
vim-helptagsone-code-execution(35655)

Source: XF
Type: UNKNOWN
vim-helptagsone-code-execution(35655)

Source: CONFIRM
Type: UNKNOWN
https://issues.rpath.com/browse/RPL-1595

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:11549

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:6463

Source: SUSE
Type: SUSE-SR:2007:018
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:vim_development_group:vim:*:*:*:*:*:*:*:* (Version <= 6.4)
  • OR cpe:/a:vim_development_group:vim:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:vim_development_group:vim:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:vim_development_group:vim:7.1.38:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:4:*:*:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:42322
    P
    		Security update for mozilla-nss (Important)
    2022-07-22
    oval:org.opensuse.security:def:20072953
    V
    		CVE-2007-2953
    2022-06-30
    oval:org.opensuse.security:def:112387
    P
    		gvim-8.2.3408-1.2 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:33109
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:26183
    P
    		Security update for xorg-x11-server (Important)
    2021-12-14
    oval:org.opensuse.security:def:32222
    P
    		Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-11-19
    oval:org.opensuse.security:def:31697
    P
    		Security update for opensc (Important)
    2021-10-29
    oval:org.opensuse.security:def:31698
    P
    		Security update for transfig (Important)
    2021-10-29
    oval:org.opensuse.security:def:32202
    P
    		Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-10-18
    oval:org.opensuse.security:def:26144
    P
    		Security update for libqt5-qtsvg (Moderate)
    2021-10-11
    oval:org.opensuse.security:def:105898
    P
    		gvim-8.2.3408-1.2 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:42123
    P
    		Security update for hivex (Moderate)
    2021-09-23
    oval:org.opensuse.security:def:31270
    P
    		Security update for MozillaFirefox (Important)
    2021-09-22
    oval:org.opensuse.security:def:26121
    P
    		Security update for ntfs-3g_ntfsprogs (Important)
    2021-09-07
    oval:org.opensuse.security:def:31249
    P
    		Security update for python-PyYAML (Important)
    2021-08-24
    oval:org.opensuse.security:def:32158
    P
    		Security update for dbus-1 (Important)
    2021-08-02
    oval:org.opensuse.security:def:26095
    P
    		Security update for glibc (Moderate)
    2021-07-27
    oval:org.opensuse.security:def:32136
    P
    		Security update for arpwatch (Important)
    2021-06-28
    oval:org.opensuse.security:def:31638
    P
    		Security update for caribou (Important)
    2021-06-10
    oval:org.opensuse.security:def:31196
    P
    		Security update for spice (Important)
    2021-06-08
    oval:org.opensuse.security:def:36146
    P
    		gvim-7.2-8.15.2 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:42553
    P
    		gvim-7.2-8.15.2 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31184
    P
    		Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-06-04
    oval:org.opensuse.security:def:31185
    P
    		Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-06-04
    oval:org.opensuse.security:def:26043
    P
    		Security update for bind (Important)
    2021-05-04
    oval:org.opensuse.security:def:26042
    P
    		Security update for cups (Important)
    2021-04-30
    oval:org.opensuse.security:def:31613
    P
    		Security update for tomcat (Important)
    2021-04-29
    oval:org.opensuse.security:def:31612
    P
    		Security update for gdm (Important)
    2021-04-28
    oval:org.opensuse.security:def:32066
    P
    		Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)
    2021-04-07
    oval:org.opensuse.security:def:31749
    P
    		Security update for MozillaFirefox (Important)
    2021-03-31
    oval:org.opensuse.security:def:31746
    P
    		Security update for wavpack (Important)
    2021-03-24
    oval:org.opensuse.security:def:32278
    P
    		Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:26197
    P
    		Security update for postgresql13 (Moderate)
    2021-02-22
    oval:org.opensuse.security:def:31341
    P
    		Security update for jasper (Important)
    2021-02-16
    oval:org.opensuse.security:def:33070
    P
    		Security update for MozillaFirefox (Low)
    2021-02-10
    oval:org.opensuse.security:def:31692
    P
    		Security update for python3 (Important)
    2021-02-08
    oval:org.opensuse.security:def:31641
    P
    		Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:31624
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:26037
    P
    		Security update for the Linux Kernel (Important)
    2021-01-15
    oval:org.opensuse.security:def:32097
    P
    		Security update for flac (Moderate)
    2021-01-04
    oval:org.opensuse.security:def:25985
    P
    		Security update for gimp (Moderate)
    2020-12-29
    oval:org.opensuse.security:def:25980
    P
    		Security update for MozillaFirefox (Critical)
    2020-12-21
    oval:org.opensuse.security:def:32004
    P
    		Security update for postgresql12 (Important)
    2020-12-04
    oval:org.opensuse.security:def:35716
    P
    		gvim-7.2-8.15.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35915
    P
    		gvim-7.2-8.15.2 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:35563
    P
    		gvim-7.2-8.8 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:41970
    P
    		gvim-7.2-8.8 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:25466
    P
    		Security update for libxml2 (Low)
    2020-12-01
    oval:org.opensuse.security:def:25750
    P
    		Security update for flash-player (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26241
    P
    		Security update for evolution (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25695
    P
    		Security update for gcc9 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25899
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26272
    P
    		Security update for openexr (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26427
    P
    		Security update for python-Django (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31117
    P
    		Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:31485
    P
    		Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:31785
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:32528
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31551
    P
    		Security update for shim
    2020-12-01
    oval:org.opensuse.security:def:31899
    P
    		Security update for MozillaFirefox, firefox-glib2, firefox-gtk3 (Important)
    2020-12-01
    oval:org.opensuse.security:def:32642
    P
    		clamav on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31383
    P
    		Security update for openvpn (Important)
    2020-12-01
    oval:org.opensuse.security:def:32048
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31830
    P
    		Security update for bind (Critical)
    2020-12-01
    oval:org.opensuse.security:def:32388
    P
    		Security update for tomcat6 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25114
    P
    		Security update for LibVNCServer (Important)
    2020-12-01
    oval:org.opensuse.security:def:25318
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:25691
    P
    		Security update for python36 (Important)
    2020-12-01
    oval:org.opensuse.security:def:25846
    P
    		Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25343
    P
    		Security update for kernel-firmware (Important)
    2020-12-01
    oval:org.opensuse.security:def:25693
    P
    		Security update for LibreOffice (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26716
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25477
    P
    		Security update for spectre-meltdown-checker (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25807
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26879
    P
    		cvs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25696
    P
    		Security update for sudo (Important)
    2020-12-01
    oval:org.opensuse.security:def:26325
    P
    		Security update for Chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:26471
    P
    		Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31031
    P
    		Security update for java-1_7_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:31807
    P
    		Security update for apache2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31938
    P
    		Security update for glibc (Important)
    2020-12-01
    oval:org.opensuse.security:def:32681
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31394
    P
    		Security update for patch (Important)
    2020-12-01
    oval:org.opensuse.security:def:32840
    P
    		coolkey on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31922
    P
    		Security update for ghostscript-library (Important)
    2020-12-01
    oval:org.opensuse.security:def:32432
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:25115
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25399
    P
    		Security update for libproxy (Important)
    2020-12-01
    oval:org.opensuse.security:def:25744
    P
    		Security update for djvulibre (Low)
    2020-12-01
    oval:org.opensuse.security:def:25890
    P
    		Security update for php5 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25267
    P
    		Security update for exiv2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25471
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25844
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:25999
    P
    		Security update for zziplib (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25541
    P
    		Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25891
    P
    		Security update for libimobiledevice, usbmuxd (Important)
    2020-12-01
    oval:org.opensuse.security:def:26914
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25707
    P
    		Security update for java-1_7_1-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26374
    P
    		Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:27109
    P
    		dhcp on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31032
    P
    		Security update for java-1_7_0-ibm (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31851
    P
    		Security update for clamav (Important)
    2020-12-01
    oval:org.opensuse.security:def:31402
    P
    		Security update for perl-DBD-mysql (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31794
    P
    		Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:31960
    P
    		Security update for gtk2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31468
    P
    		Security update for powerpc-utils
    2020-12-01
    oval:org.opensuse.security:def:31836
    P
    		Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:32879
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31979
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:32327
    P
    		Security update for samba (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25126
    P
    		Security update for ovmf (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25456
    P
    		Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:25793
    P
    		Security update for icedtea-web (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26528
    P
    		bzip2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25268
    P
    		Security update for mozilla-nspr, mozilla-nss (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25552
    P
    		Security update for python3-requests (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25897
    P
    		Security update for mariadb (Important)
    2020-12-01
    oval:org.opensuse.security:def:25465
    P
    		Security update for java-1_7_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:25669
    P
    		Security update for gcc10 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25771
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:26413
    P
    		Security update for go1.8 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27144
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31043
    P
    		Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31398
    P
    		Security update for perl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32489
    P
    		apache2-mod_php5 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31494
    P
    		Security update for Python
    2020-12-01
    oval:org.opensuse.security:def:31850
    P
    		Security update for clamav (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31382
    P
    		Security update for openvpn
    2020-12-01
    oval:org.opensuse.security:def:31600
    P
    		Security update for tightvnc (Important)
    2020-12-01
    oval:org.opensuse.security:def:31992
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:32366
    P
    		Security update for supportutils (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25190
    P
    		Security update for virglrenderer (Important)
    2020-12-01
    oval:org.opensuse.security:def:25540
    P
    		Security update for java-1_7_1-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:25832
    P
    		Security update for flash-player (Important)
    2020-12-01
    oval:org.opensuse.security:def:26563
    P
    		gvim on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25279
    P
    		Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:25609
    P
    		Security update for sysstat (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25946
    P
    		Security update for gnome-shell (Low)
    2020-12-01
    oval:org.opensuse.security:def:26681
    P
    		curl on GA media (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:29232
    P
    		RHSA-2008:0580 -- vim security update (Moderate)
    2015-08-17
    oval:org.mitre.oval:def:17506
    P
    		USN-505-1 -- vim vulnerability
    2014-06-30
    oval:org.mitre.oval:def:20483
    P
    		DSA-1364-2 vim - several vulnerabilities
    2014-06-23
    oval:org.mitre.oval:def:17989
    P
    		DSA-1364-1 vim
    2014-06-23
    oval:org.mitre.oval:def:22692
    P
    		ELSA-2008:0580: vim security update (Moderate)
    2014-05-26
    oval:org.mitre.oval:def:11549
    V
    		Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
    2013-04-29
    oval:org.mitre.oval:def:6463
    V
    		Vim HelpTags Command Remote Format String Vulnerability
    2009-11-30
    oval:com.redhat.rhsa:def:20080580
    P
    		RHSA-2008:0580: vim security update (Moderate)
    2008-11-25
    oval:com.redhat.rhsa:def:20080617
    P
    		RHSA-2008:0617: vim security update (Moderate)
    2008-11-25
    oval:org.debian:def:1364
    V
    		several vulnerabilities
    2007-09-19
    BACK
    vim_development_group vim *
    vim_development_group vim 7.0
    vim_development_group vim 7.1
    vim_development_group vim 7.1.38