Back to bug 1398227
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Andrej Nemec | 2016-11-24 10:15:16 UTC | Depends On | 1398228 | |
| Andrej Nemec | 2016-11-24 10:16:43 UTC | Blocks | 1398230 | |
| Norman Sardella | 2016-11-24 11:04:45 UTC | CC | sardella | |
| Slawomir Czarko | 2016-11-24 16:35:32 UTC | CC | slawomir | |
| Doran Moppert | 2016-11-25 05:32:25 UTC | CC | dmoppert | |
| Doran Moppert | 2016-11-25 05:44:20 UTC | Whiteboard | impact=important,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,fedora-all/vim=affected,rhel-5/vim=new,rhel-6/vim=new,rhel-7/vim=new | impact=important,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected |
| Doran Moppert | 2016-11-28 03:16:32 UTC | Whiteboard | impact=important,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected | impact=important,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected |
| Doran Moppert | 2016-11-28 03:42:15 UTC | Doc Text | A vulnerability was found in vim, in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. | |
| Doran Moppert | 2016-11-28 03:53:27 UTC | Depends On | 1399008, 1399009 | |
| Doran Moppert | 2016-11-28 03:54:16 UTC | Depends On | 1399011, 1399010 | |
| Eric Christensen | 2016-11-28 14:53:02 UTC | Doc Text | A vulnerability was found in vim, in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. | A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim. |
| Karsten Hopp | 2016-12-12 14:26:12 UTC | Status | NEW | MODIFIED |
| Vincent Danen | 2016-12-16 19:32:27 UTC | CC | anemec | |
| Flags | needinfo?(anemec) | |||
| Andrej Nemec | 2016-12-19 08:05:47 UTC | Whiteboard | impact=important,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected | impact=moderate,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected |
| Flags | needinfo?(anemec) | |||
| Vincent Danen | 2016-12-19 15:13:38 UTC | Flags | needinfo?(anemec) | |
| Vincent Danen | 2016-12-19 15:14:14 UTC | Flags | needinfo?(dmoppert) | |
| Doran Moppert | 2016-12-20 01:32:48 UTC | Whiteboard | impact=moderate,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.8/CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected | impact=moderate,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected |
| Doran Moppert | 2016-12-20 01:39:11 UTC | Flags | needinfo?(anemec) needinfo?(dmoppert) | |
| Martin Prpič | 2016-12-20 06:53:19 UTC | Priority | high | medium |
| Severity | high | medium | ||
| Doran Moppert | 2016-12-21 06:14:05 UTC | CC | gchamoul | |
| Whiteboard | impact=moderate,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=affected,rhel-6/vim=affected,rhel-7/vim=affected | impact=moderate,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=wontfix,rhel-6/vim=affected,rhel-7/vim=affected | ||
| Doran Moppert | 2016-12-22 00:43:00 UTC | Status | MODIFIED | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-12-21 19:43:00 UTC | |||
| Product Security DevOps Team | 2019-09-29 14:00:54 UTC | Whiteboard | impact=moderate,public=20161120,reported=20161122,source=oss-security,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cvss3=7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H,cwe=CWE-20->CWE-138,fedora-all/vim=affected,rhel-5/vim=wontfix,rhel-6/vim=affected,rhel-7/vim=affected |
Back to bug 1398227