• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Vim Insecure Temporary File Creation Vulnerability

Vim creates temporary files in an insecure manner.

An attacker with local access could potentially exploit this issue to perform symbolic-link attacks to overwrite arbitrary files in the context of the affected application. Or, the attacker may add arbitrary shell commands to the temporary file to be executed in the context of the affected application.

Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files and execute arbitrary commands in the context of the user building Vim.

This issue affects all versions from Vim 5.0 to 7.1 (the current version); Vim 4.6 and 3.0 are not vulnerable.