← CVECheck
HomeVulnerabilities

CVE-2002-1377 — MEDIUM severity vulnerability (vim 6.0 and 6.1, and possibly other versions, allows attacke)

vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.

CVE IDCVE-2002-1377
SeverityMEDIUM
CVSS score4.6
CVSS vectorAV:L/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2002-12-23
Last modified2026-04-16
Descriptionvim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →