USN-505-1: vim vulnerability

28 August 2007

vim vulnerability

Releases

Packages

Details

Ulf Harnhammar discovered that vim does not properly sanitise the
"helptags_one()" function when running the "helptags" command.
By tricking a user into running a crafted help file, a remote attacker
could execute arbitrary code with the user's privileges.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 7.04
Ubuntu 6.10
Ubuntu 6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.

References