CVE-2008-2712


Severity : High
Published : 2008-06-16
Modified : 2010-08-21
Base Score : 9.3
Details : Vim 7.1.314, 6.4, and other versions allows user-assisted remote attackers to execute arbitrary commands via Vim scripts that do not properly sanitize inputs before invoking the execute or system functions, as demonstrated using (1) filetype.vim, (3) xpm.vim, (4) gzip_vim, and (5) netrw. NOTE: the originally reported version was 7.1.314, but the researcher actually found this set of issues in 7.1.298. NOTE: the zipplugin issue (originally vector 2 in this identifier) has been subsumed by CVE-2008-3075.
Product/Version : CGE 5.x  
Mobilinux 5.x  
Pro 5.0  
Mobilinux 5.0.24  
MVL 5 Atom  
Pro 5.0.24  
MVL 5 OMAP3  
MVL 5 OMAP3530  
Carrier Grade CGE 6.0  
Carrier Grade CGE 6.0  
Carrier Grade CGE 6.0  
Carrier Grade CGE 7.0  
Carrier Grade CGE 7.0  
 
 
 

CVE Vulnerabilities List CVE-2008

CVE-2008-0005 CVE-2008-0007 CVE-2008-0122 CVE-2008-0596
CVE-2008-0598 CVE-2008-0658 CVE-2008-1367 CVE-2008-1372
CVE-2008-1483 CVE-2008-1657 CVE-2008-1673 CVE-2008-1678
CVE-2008-1722 CVE-2008-1806 CVE-2008-1807 CVE-2008-1808
CVE-2008-1927 CVE-2008-2051 CVE-2008-2107 CVE-2008-2108
CVE-2008-2292 CVE-2008-2364 CVE-2008-2712 CVE-2008-2729
CVE-2008-2812 CVE-2008-2935 CVE-2008-2952 CVE-2008-3075
CVE-2008-3137 CVE-2008-3138 CVE-2008-3139 CVE-2008-3140
CVE-2008-3141 CVE-2008-3142 CVE-2008-3146 CVE-2008-3272
CVE-2008-3275 CVE-2008-3276 CVE-2008-3294 CVE-2008-3520
CVE-2008-3521 CVE-2008-3522 CVE-2008-3526 CVE-2008-3527
CVE-2008-3915 CVE-2008-3932 CVE-2008-3933 CVE-2008-3934
CVE-2008-4101 CVE-2008-4109 CVE-2008-4210 CVE-2008-4225
CVE-2008-4226 CVE-2008-4307 CVE-2008-4309 CVE-2008-4316
CVE-2008-4554 CVE-2008-4609 CVE-2008-4864 CVE-2008-4989
CVE-2008-5029 CVE-2008-5031 CVE-2008-5079 CVE-2008-5161
CVE-2008-5286 CVE-2008-5300 CVE-2008-5713 CVE-2008-6218
CVE-2008-7068 CVE-2008-7256