CVE IDs: - CVE-2008-3074 - tarplugin - CVE-2008-3075 - zipplugin - CVE-2008-3076 - netrw issues Vulnerability Type: - Arbitrary code execution Affected Components: - tarplugin - zipplugin - netrw Version Information: - Vim 7.2a.10 - Netrw version 109 Tested Versions: - Vim 7.1.245 - Netrw 109 Additional Notes: - Questions about whether netrw issues should be assigned their own CVE ID separate from tar and zip plugins due to similarities. - Tarplugin test suite updated, but new exploit blocked by proposed patch. - Zipplugin tests did not change between two test suites, questioning if CVE-2008-2712 covers the new issue as well. Discussion Context: - Reference to previous discussion: Link