New Search

Vim 'mch_expand_wildcards()' Heap Based Buffer Overflow Vulnerability

oval:org.mitre.oval:def:5987

Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames as demonstrated by the netrw.v3 test case.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • VMWare ESX Server 3.5
  • VMWare ESX Server 3
Class:
vulnerability
Reference(s):
  • CVE-2008-3432
Product(s):