Vim Development Group: >> Vim >> 7.0 Security Vulnerabilities
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
CVSS Score
6.8
EPSS Score
0.1
Published
2007-07-31
The sandbox for vim allows dangerous functions such as (1) writefile, (2) feedkeys, and (3) system, which might allow user-assisted attackers to execute shell commands and write files via modelines.
CVSS Score
7.6
EPSS Score
0.03
Published
2007-05-02