Secunia
Login
|
|
CVE Reference: CVE-2009-0316 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-0316 |
|
|
Description: Untrusted search path vulnerability in src/if_python.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983), as demonstrated by an erroneous search path for plugin/bike.vim in bicyclerepair. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/48275 MLIST http://www.openwall.com/lists/oss-security/2009/01/26/2 http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:047 CONFIRM http://support.apple.com/kb/HT4077 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493937 BID 33447 APPLE http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html |
|
| Return to the previous page. |
