Total vulnerabilities in the database
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not ensure that the Makefile-conf temporary file has the intended ownership and permissions, which allows local users to execute arbitrary code by modifying this file during a time window, or by creating it ahead of time with permissions that prevent its modification by configure.
| Software | From | Fixed in |
|---|---|---|
| vim / vim | 5.7 | 5.7.x |
| vim / vim | 6.4 | 6.4.x |
| vim / vim | 6.3 | 6.3.x |
| vim / vim | 5.4 | 5.4.x |
| vim / vim | 7.1 | 7.1.x |
| vim / vim | 7.0 | 7.0.x |
| vim / vim | 5.2 | 5.2.x |
| vim / vim | 5.3 | 5.3.x |
| vim / vim | 5.5 | 5.5.x |
| vim / vim | 6.2 | 6.2.x |
| vim / vim | 5.8 | 5.8.x |
| vim / vim | 6.0 | 6.0.x |
| vim / vim | 5.6 | 5.6.x |
| vim / vim | 6.1 | 6.1.x |
| vim / vim | 5.1 | 5.1.x |
| vim / vim | 5.0 | 5.0.x |