NVD

Id
71528  
Name
CVE-2004-1138  
Description
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu.  
Reject
 
CVSS Version
2  
CVSS Score
7.2  
Severity
High  
CVSS Base Score
7.2  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2005-01-10  
Modified Date
2017-07-10  
Seq
2004-1138  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
369976 71528 CVE-2004-1138 OpenPKG-SA-2004.052  View
369977 71528 CVE-2004-1138 oval:org.mitre.oval:def:9571  View
369978 71528 CVE-2004-1138 GLSA-200412-10  View
369979 71528 CVE-2004-1138 RHSA-2005:010  View
369980 71528 CVE-2004-1138 RHSA-2005:036  View
369981 71528 CVE-2004-1138 vim-modeline-gain-privileges(18503)  View
369982 71528 CVE-2004-1138 FLSA:2343  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
63202 JVNDB-2004-000544 Vim の modeline 機能における任意のコマンドを実行される脆弱性 Vim には、modeline に指定された特定のオプションの処理に不備が存在し、任意のコマンドを実行される脆弱性が存在します。 CVE-2004-1138 9565 CVE-2004-1138 71528 7.2 http://jvndb.jvn.jp/ja/contents/2004/JVNDB-2004-000544.html 2004-12-15 2007-04-01 View