Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability

Vim ModeLines Further Variant Arbitrary Command Execution Vulnerability

References:

ASA-2005-189 - vim security update - (RHSA-2005-745) (Avaya)
CSSA-2004-015.0 OpenLinux: vim arbitrary commands execution through modelines (SCO)
Help poor children in Uganda (Georgi Guninski)
RHSA-2002:297-19 Updated vim packages fix modeline vulnerability (Red Hat)
RHSA-2005:745-10 - vim security update (RedHat)
Sun Linux VIM Package May Give Unprivileged Users the Ability to Execute Arbitra (Sun)
The First VIM Worm (SecuriTeam)
VIM Homepage (VIM Development Group)

Privacy Statement
Copyright 2010, SecurityFocus