CVE-2007-2953
EPSS 14.7%
Description
Format string vulnerability in the helptags_one function in src/ex_cmds.c in Vim 6.4 and earlier, and 7.x up to 7.1, allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a help-tags tag in a help file, related to the helptags command.
How to fix CVE-2007-2953
To remediate CVE-2007-2953, upgrade the affected package to a fixed version below.
- Debian/vim—upgrade to 1:7.1-056+1 or later
Is CVE-2007-2953 being exploited?
Moderate — EPSS is 14.7%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1:7.1-056+1