SB2009012801 - Untrusted search path in Vim
Published: January 28, 2009 Updated: December 27, 2022
Security Bulletin ID
SB2009012801
CSH Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Code execution
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Untrusted search path (CVE-ID: CVE-2009-0316)
CWE-ID: CWE-426 - Untrusted Search Path
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to untrusted search path in src/if_python.c in the Python interface in Vim. A local user can place a malicious python file in a directory and trick the victim to open a file in that directory.
Remediation
Install update from vendor's website.
References
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484305
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493937
- http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
- http://support.apple.com/kb/HT4077
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:047
- http://www.nabble.com/Bug-484305%3A-bicyclerepair%3A-bike.vim-imports-untrusted-python-files-from-cwd-td18848099.html
- http://www.openwall.com/lists/oss-security/2009/01/26/2
- http://www.securityfocus.com/bid/33447
- https://bugzilla.redhat.com/show_bug.cgi?id=481565
- https://exchange.xforce.ibmcloud.com/vulnerabilities/48275
- https://svn.pardus.org.tr/pardus/2008/applications/editors/vim/files/official/7.2.045