FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
1ed03222-3c65-11dc-b3d3-0016179b2dd5	vim -- Command Format String Vulnerability A Secunia Advisory reports: A format string error in the "helptags_one()" function in src/ex_cmds.c when running the "helptags" command can be exploited to execute arbitrary code via specially crafted help files. Discovery 2007-07-27 Entry 2007-07-27 vim vim-console vim-lite vim-ruby vim6 vim6-ruby < 7.1.39 CVE-2007-2953 http://secunia.com/advisories/25941/
30866e6c-3c6d-11dd-98c9-00163e000016	vim -- Vim Shell Command Injection Vulnerabilities Rdancer.org reports: Improper quoting in some parts of Vim written in the Vim Script can lead to arbitrary code execution upon opening a crafted file. Discovery 2008-06-16 Entry 2008-06-21 vim vim-console vim-lite vim-ruby vim6 vim6-ruby gt 6 le 6.4.10 gt 7 lt 7.1.315 CVE-2008-2712 http://www.rdancer.org/vulnerablevim.html
f866d2af-bbba-11df-8a8d-0008743bf21a	vim6 -- heap-based overflow while parsing shell metacharacters Description for CVE-2008-3432 says: Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case. Discovery 2008-07-31 Entry 2010-09-09 vim6 vim6+ruby ge 6.2.429 lt 6.3.62 CVE-2008-3432 http://www.openwall.com/lists/oss-security/2008/07/15/4

VuXML ID

Description

1ed03222-3c65-11dc-b3d3-0016179b2dd5

vim -- Command Format String Vulnerability

A Secunia Advisory reports:

A format string error in the "helptags_one()" function in src/ex_cmds.c when running the "helptags" command can be exploited to execute arbitrary code via specially crafted help files.

Discovery 2007-07-27
Entry 2007-07-27
vim
vim-console
vim-lite
vim-ruby
vim6
vim6-ruby

< 7.1.39

CVE-2007-2953
http://secunia.com/advisories/25941/

30866e6c-3c6d-11dd-98c9-00163e000016

vim -- Vim Shell Command Injection Vulnerabilities

Rdancer.org reports:

Improper quoting in some parts of Vim written in the Vim Script can lead to arbitrary code execution upon opening a crafted file.

Discovery 2008-06-16
Entry 2008-06-21
vim
vim-console
vim-lite
vim-ruby
vim6
vim6-ruby

gt 6 le 6.4.10

gt 7 lt 7.1.315

CVE-2008-2712
http://www.rdancer.org/vulnerablevim.html

f866d2af-bbba-11df-8a8d-0008743bf21a

vim6 -- heap-based overflow while parsing shell metacharacters

Description for CVE-2008-3432 says:

Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.

Discovery 2008-07-31
Entry 2010-09-09
vim6
vim6+ruby

ge 6.2.429 lt 6.3.62

CVE-2008-3432
http://www.openwall.com/lists/oss-security/2008/07/15/4