CVE-2005-2368

EPSS 1.5%

vim - modeline exploits

Published: 7/26/2005Modified: 4/28/2026

Also known as:DEBIAN-CVE-2005-2368

Description

vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels.

Affected packages (2)

Debian/vimfrom 0, < 1:6.3-085+1
Debian/vimfrom 0, < 1:6.3-085+0.0etch1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2368