Vulnerabilities > VIM Development Group > VIM > 6.3

DATE	CVE	VULNERABILITY TITLE	RISK
2005-07-26	CVE-2005-2368	OS Command Injection vulnerability in VIM Development Group VIM vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to execute arbitrary commands via shell metacharacters in the (1) glob or (2) expand commands of a foldexpr expression for calculating fold levels. network vim-development-group CWE-78 critical	9.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.