CVE-2008-4101

Description

Vim 3.0 through 7.x before 7.2.010 does not properly escape characters, which allows user-assisted attackers to (1) execute arbitrary shell commands by entering a K keystroke on a line that contains a ";" (semicolon) followed by a command, or execute arbitrary Ex commands by entering an argument after a (2) "Ctrl-]" (control close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke sequence, a different issue than CVE-2008-2712.

Software From Fixed in
vim / vim - 7.2.x
vim / vim 3.0 3.0.x
vim / vim 4.0 4.0.x
vim / vim 5.0 5.0.x
vim / vim 5.1 5.1.x
vim / vim 5.2 5.2.x
vim / vim 5.3 5.3.x
vim / vim 5.4 5.4.x
vim / vim 5.5 5.5.x
vim / vim 5.6 5.6.x
vim / vim 5.7 5.7.x
vim / vim 5.8 5.8.x
vim / vim 6.0 6.0.x
vim / vim 6.1 6.1.x
vim / vim 6.2 6.2.x
vim / vim 6.3 6.3.x
vim / vim 6.4 6.4.x
vim / vim 7.0 7.0.x
vim / vim 7.1 7.1.x