PT-2005-1185 · Vim+1 · Vim+1

Javier Fernández-Sanguino Peña

Published

2005-01-13

Updated

2017-10-11

CVE-2005-0069

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions vim version 6.3

Description The issue allows local users to overwrite or create arbitrary files via a symlink attack on temporary files used by the tcltags or vimspell.sh scripts.

Recommendations For vim version 6.3, consider restricting access to the tcltags and vimspell.sh scripts until a patch is available, or avoid using these scripts to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-0069

RHSA-2005:036

RHSA-2005:122

RHSA-2005_036

RHSA-2005_122

Affected Products

Red Hat

Vim

PT-2005-1185 · Vim+1 · Vim+1

CVE-2005-0069

Related Identifiers

Affected Products

References · 16