Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

R-238: VIM Security Update

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) R-238: VIM Security Update
# 1  
Old 12-24-2007
R-238: VIM Security Update
An arbitrary command execution flaw was found in the way VIM, Visual editor iMproved) processes modelines. The risk is MEDIUM. If a user with modelines enabled opened a text file containing a carefully crafted modeline, arbitrary commands could be executed as the user running VIM.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

error starting vim after an update?

After trying to make an update to my vim settings, i'm now getting this error message when vim tries to start. Any suggestions would be much appreciated :) Error detected while processing .vimrc: line 40: E15: Invalid expression: E15: Invalid expression: (0 Replies)
Discussion started by: khoges11
0 Replies
Login or Register to Ask a Question

LEARN ABOUT HPUX

secdef

secdef(3)						     Library Functions Manual							 secdef(3)

NAME

       secdef: open_secdef(), close_secdef(), get_secdef_str(), get_secdef_int() - security defaults configuration file routines

SYNOPSIS

DESCRIPTION

       opens the security configuration file This function must be called prior to calling or

       closes the security configuration file.

       and return the value of the specified parameter defined in the security configuration file.  See the security(4) manpage.

       Programs using these routines must be compiled with

APPLICATION USAGE

       In  a multithreaded application, these interfaces are thread-safe, but not async-cancel-safe.  A cancellation point may occur when a thread
       is executing any of these interfaces.

RETURN VALUE

       returns a value of if the open completed successfully.  Otherwise, it returns and leaves unchanged from the call.  and return  the  follow-
       ing:

	      The value of the specified parameter was successfully returned.
	      The entry was not found, or the security configuration file was not opened.
	      The format of the entry was incorrect.

EXAMPLES

       This example obtains the "path" from the parameter.

FILES

       Security defaults configuration file.

SEE ALSO

       security(4).

																	 secdef(3)