CVE-2007-2953 — Use of Externally-Controlled Format String in VIM

7 documents7 sources

Severity

6.8MEDIUMNVD

EPSS

12.3%

top 6.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

VIM Debian VIM VIM Development Group VIM

Timeline

PublishedJul 31

Latest updateMay 3

Description

Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶debiandebian/vim< vim 1:7.1-056+1 (bookworm)

▶Debianvim/vim< 1:7.1-056+1+3

▶NVDvim_development_group/vim6.4+3

Patches

Patch: ftp.vim.org ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-ggw5-mghh-pg96: Format string vulnerability in the helptags_one function in src/ex_cmds↗2022-05-03

▶

OSV

CVE-2007-2953: Format string vulnerability in the helptags_one function in src/ex_cmds↗2007-07-31

▶

📋Vendor Advisories

Ubuntu

vim vulnerability↗2007-08-28

▶

Red Hat

vim format string flaw↗2007-07-25

▶

Debian

CVE-2007-2953: vim - Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim...↗2007

▶

💬Community

Bugzilla

CVE-2007-2953 vim format string flaw↗2007-07-17

▶