Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Scientific Linux: SLSA-2019-1774-1 Critical: Vim Command Execution Risk

Calendar Jul 15, 2019 User Avatar LinuxSecurity Advisories
1 - 2 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory important arbitrary command execution vim x86_64 i386 scientific linux
vim/neovim: ':source!' command allows arbitrary command execution via modelines (CVE-2019-12735) SL6 x86_64 vim-X11-7.4.629-5.el6_10.2.x86_64.rpm vim-common-7.4.629-5.el6_10.2.x86_64.rpm vim-debuginfo-7.4.629-5.el6_10.2.x86_64.rpm vim-enhanced-7.4.629-5.el6_10.2.x86_64.rpm vim-filesystem-7.4.629-5.el6_10.2.x86_64.rpm vim-minimal-7.4.629-5.el6_10.2.x86_64.rpm i386 [More...] 
Synopsis: Important: vim security update
Advisory ID:       SLSA-2019:1774-1
Issue Date:        2019-07-15
CVE Numbers:       CVE-2019-12735
--

Security Fix(es):

* vim/neovim: ':source!' command allows arbitrary command execution via
modelines (CVE-2019-12735)
--

SL6
  x86_64
    vim-X11-7.4.629-5.el6_10.2.x86_64.rpm
    vim-common-7.4.629-5.el6_10.2.x86_64.rpm
    vim-debuginfo-7.4.629-5.el6_10.2.x86_64.rpm
    vim-enhanced-7.4.629-5.el6_10.2.x86_64.rpm
    vim-filesystem-7.4.629-5.el6_10.2.x86_64.rpm
    vim-minimal-7.4.629-5.el6_10.2.x86_64.rpm
  i386
    vim-X11-7.4.629-5.el6_10.2.i686.rpm
    vim-common-7.4.629-5.el6_10.2.i686.rpm
    vim-debuginfo-7.4.629-5.el6_10.2.i686.rpm
    vim-enhanced-7.4.629-5.el6_10.2.i686.rpm
    vim-filesystem-7.4.629-5.el6_10.2.i686.rpm
    vim-minimal-7.4.629-5.el6_10.2.i686.rpm

- Scientific Linux Development Team
Your message here