CVE-2008-3074

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.openwall.com/lists/oss-security/2008/07/08/12", "name": "[oss-security] 20080708 Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2008/10/20/2", "name": "[oss-security] 20081020 CVE request (vim)", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2008/07/07/4", "name": "[oss-security] 20080707 Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10", "tags": ["Exploit", "Patch"], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2008/10/15/1", "name": "[oss-security] 20081015 Vim CVE issues cleanup (plugins tar.vim, zip.vim) - CVE-2008-3074 and CVE-2008-3075", "tags": [], "refsource": "MLIST"}, {"url": "http://www.rdancer.org/vulnerablevim.html", "name": "http://www.rdancer.org/vulnerablevim.html", "tags": ["Exploit", "Patch", "Vendor Advisory"], "refsource": "MISC"}, {"url": "http://www.openwall.com/lists/oss-security/2008/08/01/1", "name": "[oss-security] 20080731 Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10", "tags": [], "refsource": "MLIST"}, {"url": "http://marc.info/?l=bugtraq&m=121494431426308&w=2", "name": "20080701 Re: Collection of Vulnerabilities in Fully Patched Vim 7.1", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.openwall.com/lists/oss-security/2008/07/10/7", "name": "[oss-security] 20080710 Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2008/07/07/1", "name": "[oss-security] 20080707 Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10", "tags": [], "refsource": "MLIST"}, {"url": "http://www.rdancer.org/vulnerablevim-shellescape.html", "name": "http://www.rdancer.org/vulnerablevim-shellescape.html", "tags": [], "refsource": "MISC"}, {"url": "http://www.openwall.com/lists/oss-security/2008/07/13/1", "name": "[oss-security] 20080713 Re: Re: More arbitrary code executions in Netrw version 125, Vim 7.2a.10", "tags": [], "refsource": "MLIST"}, {"url": "http://www.openwall.com/lists/oss-security/2008/07/15/4", "name": "[oss-security] 20080715 Re: Re: More arbitrary code executions in Netrw", "tags": [], "refsource": "MLIST"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0580.html", "name": "RHSA-2008:0580", "tags": [], "refsource": "REDHAT"}, {"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919", "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=506919", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:236", "name": "MDVSA-2008:236", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324", "name": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0324", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/32462", "name": "32462", "tags": [], "refsource": "BID"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=467428", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=467428", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/34418", "name": "34418", "tags": [], "refsource": "SECUNIA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html", "name": "SUSE-SR:2009:007", "tags": [], "refsource": "SUSE"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10754", "name": "oval:org.mitre.oval:def:10754", "tags": [], "refsource": "OVAL"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the \"!\" (exclamation point) shell metacharacter in (1) the filename of a tar archive and possibly (2) the filename of the first file in a tar archive, which is not properly handled by the VIM TAR plugin (tar.vim) v.10 through v.22, as demonstrated by the shellescape, tarplugin.v2, tarplugin, and tarplugin.updated test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3075. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-78"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-3074", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2009-02-21T22:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:vim:vim:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:vim:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:vim:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:vim:7.1.314:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:vim:7.1.266:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.14:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:vim:tar.vim:v.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-09-29T01:31Z"}