Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Vim Modelines Arbitrary Command Execution Vulnerability

Title : Fedora Security Update Fixes Vim Modelines Arbitrary Command Execution Vulnerability
VUPEN ID : VUPEN/ADV-2007-1692
CVE ID : GENERIC-MAP-NOMATCH
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-05-08

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

A vulnerability has been identified in Fedora, which could be exploited by attackers to execute arbitrary code. This issue is caused by an error in Vim. For additional information, see : VUPEN/ADV-2007-1599

Affected Products

Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

ee8f8842dbf32465e0c88826fc61c2fa592987f9 SRPMS/vim-7.0.235-1.fc6.src.rpm
ee8f8842dbf32465e0c88826fc61c2fa592987f9 noarch/vim-7.0.235-1.fc6.src.rpm
844c7446d9830cc7dcff17df894663806b03e8c2 ppc/vim-enhanced-7.0.235-1.fc6.ppc.rpm
11a0b358ba63eb79800ad2070721edfdcd840423 ppc/vim-X11-7.0.235-1.fc6.ppc.rpm
4a221fa84540f2e62e186343462b69e608fd1f35 ppc/vim-common-7.0.235-1.fc6.ppc.rpm
274b5bbaa99f646e81bb59ff15c985f3f40c79e1 ppc/vim-minimal-7.0.235-1.fc6.ppc.rpm
3d6b144ed7a827aab34d04098b5da13a75161a8a ppc/debug/vim-debuginfo-7.0.235-1.fc6.ppc.rpm
1e7dea697bccc50200b1acc73a8dcee7a807ced1 x86_64/debug/vim-debuginfo-7.0.235-1.fc6.x86_64.rpm
8067840792fffbeb2540b5ae26c63117faff31cb x86_64/vim-minimal-7.0.235-1.fc6.x86_64.rpm
ad364dc860caf70aa930eccba61e691ff186e8ed x86_64/vim-enhanced-7.0.235-1.fc6.x86_64.rpm
ff0e6fa4ce37439b3b20f6de53ade3199ece3f05 x86_64/vim-common-7.0.235-1.fc6.x86_64.rpm
014fe19cdf7cc2fda384e0132801945bc0ef7e2d x86_64/vim-X11-7.0.235-1.fc6.x86_64.rpm
e267c82124c78dad73b2b68d336300249a36084d i386/vim-minimal-7.0.235-1.fc6.i386.rpm
64cec05bfa9dcc0f3ce1f31e7cb997207f6a35be i386/vim-common-7.0.235-1.fc6.i386.rpm
ea9b3e07b6c8c907bb0a488f54f8329001468065 i386/vim-enhanced-7.0.235-1.fc6.i386.rpm
d9b2d1c644a4280197f93d3d430d6eb0b6552156 i386/vim-X11-7.0.235-1.fc6.i386.rpm
51c29643ffd7c1fd24b3425e14edc35f9b46a178 i386/debug/vim-debuginfo-7.0.235-1.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/1692
https://www.redhat.com/archives/fedora-package-announce/2007-May/msg00011.html

ChangeLog

2007-05-08 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy