CVE-2017-1000382

ADVISORY - nist

Summary

VIM version 8.0.1187 (and other versions most likely) ignores umask when creating a swap file ("[ORIGINAL_FILENAME].swp") resulting in files that may be world readable or otherwise accessible in ways not intended by the user running the vi binary.

EPSS Score⁠: 0.00093 (0.260)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-200⁠

Exposure of Sensitive Information to an Unauthorized Actor

ADVISORY - redhat

CWE-266⁠

Incorrect Privilege Assignment

Impacted images

Advisories

NIST

CREATED

9 years ago

UPDATED

1 month ago

ADVISORY IDCVE-2017-1000382⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-200⁠

CVSS SCORE

5.5medium

Debian

CREATED

9 years ago

UPDATED

1 month ago

ADVISORY IDCVE-2017-1000382⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

9 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2017-1000382⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

5.5low

Red Hat

CREATED

9 years ago

UPDATED

5 months ago

ADVISORY IDCVE-2017-1000382⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-266⁠

CVSS SCORE

5.5low