[VIM] CVE-2007-3242 (fwd)
Steven M. Christey
coley at linus.mitre.org
Wed Jun 20 19:59:55 UTC 2007
Just after forwarding the email, I noticed this from the code the
developer mentioned:
> unless ($input_to_check =~ /^[\w \:\.\/?-]/ ){
> error("You entered an invalid character. You may only enter letters,
> slashes, numbers, underscores, spaces, periodes, points, questions marks
> and hyphens. Kindly try again.");
This appears to be a poorly anchored regexp that only checks the first
character, so theoretically, the following would count as valid:
A<script>alert('VALID');</script>
I have an inquiry into the developer about this suspicious code, which I
would imagine would be in heavy use in their application.
- Steve
More information about the VIM
mailing list