Known Vulnerabilities for products from Vim Development Group

Listed below are 8 of the newest known vulnerabilities associated with the vendor "Vim Development Group".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2007-2953	Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows u...	6.8 - MEDIUM	2007-07-31	2018-10-16
CVE-2007-2438	The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-as...	7.6 - HIGH	2007-05-02	2018-10-16
CVE-2005-2368	vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via she...	9.3 - HIGH	2005-07-26	2017-10-11
CVE-2005-0069	The (1) tcltags or (2) vimspell.sh scripts in vim 6.3 allow local users to overwrite or create arbitrary files via a symlink ...	4.6 - MEDIUM	2005-01-13	2017-10-11
CVE-2004-1138	VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline t...	7.2 - HIGH	2005-01-10	2017-10-11
CVE-2002-1377	vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in mod...	4.6 - MEDIUM	2002-12-23	2017-10-10
CVE-2001-0409	vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap fil...	2.1 - LOW	2001-06-18	2017-10-10
CVE-2001-0408	vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary comm...	5.1 - MEDIUM	2001-06-18	2017-10-10