Test ID:	1.3.6.1.4.1.25623.1.1.12.2004.52.1
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-52-1)
Summary:	The remote host is missing an update for the 'vim' package(s) announced via the USN-52-1 advisory.
Description:	Summary: The remote host is missing an update for the 'vim' package(s) announced via the USN-52-1 advisory. Vulnerability Insight: Ciaran McCreesh found several vulnerabilities related to the use of options in Vim modeline commands, such as 'termcap', 'printdevice', 'titleold', 'filetype', 'syntax', 'backupext', 'keymap', 'patchmode', and 'langmenu'. If an attacker tricked an user to open a file with a specially crafted modeline, he could exploit this to execute arbitrary commands with the user's privileges. Affected Software/OS: 'vim' package(s) on Ubuntu 4.10. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-1138 https://bugzilla.fedora.us/show_bug.cgi?id=2343 http://www.gentoo.org/security/en/glsa/glsa-200412-10.xml http://marc.info/?l=bugtraq&m=110313588125609&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9571 http://www.redhat.com/support/errata/RHSA-2005-010.html http://www.redhat.com/support/errata/RHSA-2005-036.html XForce ISS Database: vim-modeline-gain-privileges(18503) https://exchange.xforce.ibmcloud.com/vulnerabilities/18503
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.