An arbitrary command execution flaw was found in the way VIM, Visual editor iMproved) processes modelines. The risk is MEDIUM. If a user with modelines enabled opened a text file containing a carefully crafted modeline, arbitrary commands could be executed as the user running VIM.
More...