CVE-2008-3075


Severity : High
Published : 2009-02-21
Modified : 2010-08-21
Base Score : 9.3
Details : The shellescape function in Vim 7.0 through 7.2, including 7.2a.10, allows user-assisted attackers to execute arbitrary code via the "!" (exclamation point) shell metacharacter in (1) the filename of a ZIP archive and possibly (2) the filename of the first file in a ZIP archive, which is not properly handled by zip.vim in the VIM ZIP plugin (zipPlugin.vim) v.11 through v.21, as demonstrated by the zipplugin and zipplugin.v2 test cases. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712. NOTE: this issue has the same root cause as CVE-2008-3074. NOTE: due to the complexity of the associated disclosures and the incomplete information related to them, there may be inaccuracies in this CVE description and in external mappings to this identifier.
Product/Version : Carrier Grade CGE 6.0  
Carrier Grade CGE 7.0  
 
 
 

CVE Vulnerabilities List CVE-2008

CVE-2008-0005 CVE-2008-0007 CVE-2008-0122 CVE-2008-0596
CVE-2008-0598 CVE-2008-0658 CVE-2008-1367 CVE-2008-1372
CVE-2008-1483 CVE-2008-1657 CVE-2008-1673 CVE-2008-1678
CVE-2008-1722 CVE-2008-1806 CVE-2008-1807 CVE-2008-1808
CVE-2008-1927 CVE-2008-2051 CVE-2008-2107 CVE-2008-2108
CVE-2008-2292 CVE-2008-2364 CVE-2008-2712 CVE-2008-2729
CVE-2008-2812 CVE-2008-2935 CVE-2008-2952 CVE-2008-3075
CVE-2008-3137 CVE-2008-3138 CVE-2008-3139 CVE-2008-3140
CVE-2008-3141 CVE-2008-3142 CVE-2008-3146 CVE-2008-3272
CVE-2008-3275 CVE-2008-3276 CVE-2008-3294 CVE-2008-3520
CVE-2008-3521 CVE-2008-3522 CVE-2008-3526 CVE-2008-3527
CVE-2008-3915 CVE-2008-3932 CVE-2008-3933 CVE-2008-3934
CVE-2008-4101 CVE-2008-4109 CVE-2008-4210 CVE-2008-4225
CVE-2008-4226 CVE-2008-4307 CVE-2008-4309 CVE-2008-4316
CVE-2008-4554 CVE-2008-4609 CVE-2008-4864 CVE-2008-4989
CVE-2008-5029 CVE-2008-5031 CVE-2008-5079 CVE-2008-5161
CVE-2008-5286 CVE-2008-5300 CVE-2008-5713 CVE-2008-6218
CVE-2008-7068 CVE-2008-7256