VYPR
Unrated severityNVD Advisory· Published Jan 10, 2005· Updated Jun 16, 2026

CVE-2004-1138

CVE-2004-1138

Description

VIM before 6.3 and gVim before 6.3 allow local users to execute arbitrary commands via a file containing a crafted modeline that is executed when the file is viewed using options such as (1) termcap, (2) printdevice, (3) titleold, (4) filetype, (5) syntax, (6) backupext, (7) keymap, (8) patchmode, or (9) langmenu.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

18
  • Vim/Vim17 versions
    cpe:2.3:a:vim_development_group:vim:5.0:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:vim_development_group:vim:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:5.8:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.3.011:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.3.025:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.3.030:*:*:*:*:*:*:*
    • cpe:2.3:a:vim_development_group:vim:6.3.044:*:*:*:*:*:*:*
    • (no CPE)range: <6.3
  • Vim/Gvimllm-fuzzy
    Range: <6.3

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.