CVE: CVE-2005-0069 CVSS Base Score: 2.6 CVSS Metrics: - Access Vector: Local - Access Complexity: High - Authentication: Not Required - Confidentiality Impact: None - Integrity Impact: Partial - Availability Impact: Partial Affected Products: Vim Vim 6.3 Vulnerable Code/Configurations: - Later versions of Vim have a new, incomplete tcl library feature that permits arbitrary files on the system with user privileges. Consequences: File Manipulation Remedy: - For Ubuntu Linux: Upgrade to the latest Vim package (6.3-025+1ubuntu2.2 or later), as listed in USN-61-1 January 18, 2005 for more information. See References. - For Red Hat Linux (Vim): Refer to RHSA-2005:036-10 or RHSA-2005:122-04 for patch, upgrade, or suggested workaround information. See References. - For other distributions: contact your vendor for upgrade or patch information. References: - BID-12253 - CVE-2005-0069 - Vim Web site - SECTRACK ID: 1012938