Vulnerabilities > CVE-2001-0409 - Unspecified vulnerability in VIM Development Group VIM 5.7

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

vim-development-group

exploit available

NVD

Published: 2001-06-18

Updated: 2017-10-10

Summary

vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.

Vulnerable Configurations

Part	Description	Count
Application	Vim_Development_Group VIM Development Group VIM 5.7	1

Exploit-Db

description	Vim 5.x Swap File Race Condition Vulnerability. CVE-2001-0409. Local exploit for linux platform
id	EDB-ID:20967
last seen	2016-02-02
modified	2001-01-26
published	2001-01-26
reporter	zen-parse
source	https://www.exploit-db.com/download/20967/
title	Vim 5.x Swap File Race Condition Vulnerability

References

http://www.calderasystems.com/support/security/advisories/CSSA-2001-014.0.txt
http://www.novell.com/linux/security/advisories/2001_012_vim.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6628