CVE-2002-1377 - OpenCVE

vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Vim Development Group	Vim

Configuration 1 [-]

OR	cpe:2.3:a:vim_development_group:vim:5.0:::::::*
	cpe:2.3:a:vim_development_group:vim:5.1:::::::*
	cpe:2.3:a:vim_development_group:vim:5.2:::::::*
	cpe:2.3:a:vim_development_group:vim:5.3:::::::*
	cpe:2.3:a:vim_development_group:vim:5.4:::::::*
	cpe:2.3:a:vim_development_group:vim:5.5:::::::*
	cpe:2.3:a:vim_development_group:vim:5.6:::::::*
	cpe:2.3:a:vim_development_group:vim:5.7:::::::*
	cpe:2.3:a:vim_development_group:vim:5.8:::::::*
	cpe:2.3:a:vim_development_group:vim:6.0:::::::*
	cpe:2.3:a:vim_development_group:vim:6.1:::::::*

References

Link	Resource
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812
http://lists.grok.org.uk/pipermail/full-disclosure/2002-December/002948.html
http://marc.info/?l=bugtraq&m=108077992208690&w=2
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55700
http://www.guninski.com/vim1.html	Patch Vendor Advisory
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:012
http://www.redhat.com/support/errata/RHSA-2002-297.html	Patch Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-302.html
http://www.securityfocus.com/bid/6384
https://exchange.xforce.ibmcloud.com/vulnerabilities/10835

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-09-01T04:00:00

Updated: 2007-11-29T00:00:00

Reserved: 2002-12-16T00:00:00

Link: CVE-2002-1377

JSON object: View

NVD Information

Status : Modified

Published: 2002-12-23T05:00:00.000

Modified: 2017-10-10T01:30:11.987

Link: CVE-2002-1377

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2002-12-12T00:00:00", "descriptions": [{"lang": "en", "value": "vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2007-11-29T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "6384", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/6384"}, {"name": "RHSA-2002:302", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-302.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.guninski.com/vim1.html"}, {"name": "20021213 Some vim problems, yet still vim much better than windows", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-December/002948.html"}, {"name": "RHSA-2002:297", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2002-297.html"}, {"name": "55700", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55700"}, {"name": "CLA-2004:812", "tags": ["vendor-advisory", "x_refsource_CONECTIVA"], "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812"}, {"name": "MDKSA-2003:012", "tags": ["vendor-advisory", "x_refsource_MANDRAKE"], "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:012"}, {"name": "20040331 OpenLinux: vim arbitrary commands execution through modelines", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=108077992208690&w=2"}, {"name": "vim-modeline-command-execution(10835)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10835"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2002-1377", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "6384", "refsource": "BID", "url": "http://www.securityfocus.com/bid/6384"}, {"name": "RHSA-2002:302", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-302.html"}, {"name": "http://www.guninski.com/vim1.html", "refsource": "MISC", "url": "http://www.guninski.com/vim1.html"}, {"name": "20021213 Some vim problems, yet still vim much better than windows", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-December/002948.html"}, {"name": "RHSA-2002:297", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2002-297.html"}, {"name": "55700", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55700"}, {"name": "CLA-2004:812", "refsource": "CONECTIVA", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812"}, {"name": "MDKSA-2003:012", "refsource": "MANDRAKE", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:012"}, {"name": "20040331 OpenLinux: vim arbitrary commands execution through modelines", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=108077992208690&w=2"}, {"name": "vim-modeline-command-execution(10835)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10835"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2002-1377", "datePublished": "2004-09-01T04:00:00", "dateReserved": "2002-12-16T00:00:00", "dateUpdated": "2007-11-29T00:00:00", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vim_development_group:vim:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B6461B4-AD69-4E54-901D-CB354FE9061C", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "D51F522E-E7A6-4861-BE54-C76B5D6062AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "5B5306C4-D4FA-48FE-B72A-8ED231DF283A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8C559F4-82E7-4BFA-B1C2-AAD1EA790DE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "FD83B9EE-82FF-4DA5-8577-97CE226EFEAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "823E99C7-7020-48B2-8F71-6FA5A1097EC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.6:*:*:*:*:*:*:*", "matchCriteriaId": "0A5B6675-BF67-434D-8D64-7BA6029A6BD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.7:*:*:*:*:*:*:*", "matchCriteriaId": "826F3339-8674-4A84-8EAC-17C884BBF723", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:5.8:*:*:*:*:*:*:*", "matchCriteriaId": "2A7C7C4D-9E38-40A1-B003-939F46CD96CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3A7789A-E0B0-45EA-B05A-A5A1BF31A24D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vim_development_group:vim:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "D6FF1779-4A0A-4E9E-94E1-5F7C4EF0555B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt."}, {"lang": "es", "value": "vim 6.0 y 6.1 y posiblemente otras versiones, permite a atacantes ejecutar comandos arbitrarios usando la caracter\u00edstica libcall en lineas de modo, que no son apantalladas si no que pueden ser ejecutadas cuando vim es usado como editor para otros productos como mutt."}], "id": "CVE-2002-1377", "lastModified": "2017-10-10T01:30:11.987", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2002-12-23T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000812"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2002-December/002948.html"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=108077992208690&w=2"}, {"source": "cve@mitre.org", "url": "http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55700"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.guninski.com/vim1.html"}, {"source": "cve@mitre.org", "url": "http://www.mandrakesoft.com/security/advisories?name=MDKSA-2003:012"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2002-297.html"}, {"source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2002-302.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/6384"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/10835"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}