Vulnerability DatabaseCVE-2007-2953
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2007-2953
July 31, 2007
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
Related Resources (33)
http://www.novell.com/linux/security/advisories/2007_18_sr.html
http://www.vmware.com/security/advisories/VMSA-2009-0004.html
http://www.vupen.com/english/advisories/2009/0904
http://www.mandriva.com/security/advisories?name=MDKSA-2007:168
http://support.avaya.com/elmodocs2/security/ASA-2009-001.htm
http://secunia.com/advisories/32858
http://www.securityfocus.com/archive/1/475076/100/100/threaded
ftp://ftp.vim.org/pub/vim/patches/7.1/7.1.039
http://www.redhat.com/support/errata/RHSA-2008-0617.html
http://secunia.com/advisories/26653
https://access.redhat.com/security/cve/CVE-2007-2953
http://secunia.com/advisories/33410
http://secunia.com/advisories/25941
http://www.attrition.org/pipermail/vim/2007-August/001770.html
http://www.securityfocus.com/archive/1/502322/100/0/threaded
http://www.vupen.com/english/advisories/2009/0033
https://issues.rpath.com/browse/RPL-1595
https://exchange.xforce.ibmcloud.com/vulnerabilities/35655
http://secunia.com/advisories/26285
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6463
http://www.mandriva.com/security/advisories?name=MDVSA-2008:236
http://secunia.com/secunia_research/2007-66/advisory/
http://secunia.com/advisories/26594
http://secunia.com/advisories/26674
http://secunia.com/advisories/26822
http://www.ubuntu.com/usn/usn-505-1
http://www.securityfocus.com/bid/25095
http://www.vupen.com/english/advisories/2007/2687
http://www.debian.org/security/2007/dsa-1364
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11549
http://www.redhat.com/support/errata/RHSA-2008-0580.html
http://www.trustix.org/errata/2007/0026/
http://secunia.com/advisories/26522
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.3
Attack Vector
NETWORK
Attack Complexity
HIGH
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
LOW
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
5.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
LOW
CVSS v2
Base Score:
6.8
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
EPSS
Base Score:
11.92