CVE-2004-1138
Description
VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu.
Risk Information
Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.067
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Vim 5.0 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.1 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.2 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.3 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.4 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.5 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.6 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.7 | Windows |
| Multiple Vulnerabilities are affected in Vim 5.8 | Windows |
| Multiple Vulnerabilities are affected in Vim 6.0 | Windows |
| Multiple Vulnerabilities are affected in Vim 6.1 | Windows |
| Multiple Vulnerabilities are affected in Vim 6.2 | Windows |
| Vulnerabilities CVE-2004-1138,CVE-2005-0069,CVE-2005-2368 are affected in Vim 6.3.011 | Windows |
| Vulnerabilities CVE-2004-1138,CVE-2005-0069,CVE-2005-2368 are affected in Vim 6.3.025 | Windows |
| Vulnerabilities CVE-2004-1138,CVE-2005-0069,CVE-2005-2368 are affected in Vim 6.3.030 | Windows |
| Vulnerabilities CVE-2004-1138,CVE-2005-0069,CVE-2005-2368 are affected in Vim 6.3.044 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234