Vim 'zip.vim' Plugin Arbitrary Command Execution Vulnerability

The 'zip.vim' plugin for Vim is prone to a command-execution vulnerability because the application fails to sufficiently sanitize user-supplied data.

Successfully exploiting this issue can allow an attacker to execute arbitrary commands with the privileges of the user running the affected application.

Vim 7.0 and 7.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus