Summary
This host is installed with Vim and is prone to Command Injection Vulnerability.
Impact
Successful exploitation will let the attacker execute arbitrary shell commands to compromise the system.
Impact Level: Application
Solution
Upgrade to version 7.2
http://www.vim.org/download.php
Insight
This error is due to the 'filetype.vim', 'tar.vim', 'zip.vim', 'xpm.vim', 'xpm2.vim', 'gzip.vim', and 'netrw.vim' scripts whcih are insufficiently filtering special characters.
Affected
Vim version prior to 7.2 on Linux.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-2712, CVE-2008-3074, CVE-2008-3075, CVE-2008-3076 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities