Your submission was sent successfully! Close

CVE-2008-4101

Published: 18 September 2008

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.

Priority

Low

Status

Package Release Status
vim
Launchpad, Ubuntu, Debian
dapper
Released (1:6.4-006+2ubuntu6.2)
feisty Needed
(reached end-of-life)
gutsy
Released (1:7.1-056+2ubuntu2.1)
hardy
Released (1:7.1-138+1ubuntu3.1)
intrepid
Released (1:7.1.314-3ubuntu3.1)
upstream
Released (7.2.010)