CVE-2008-4101
EPSS 15.2%
Description
Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.
How to fix CVE-2008-4101
To remediate CVE-2008-4101, upgrade the affected package to a fixed version below.
- Debian/vim—upgrade to 2:7.2.010-1 or later
Is CVE-2008-4101 being exploited?
Moderate — EPSS is 15.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 2:7.2.010-1