{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"critical"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2008-3076","title":"Title"},{"category":"description","text":"The Netrw plugin 125 in netrw.vim in Vim 7.2a.10 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames used by the execute and system functions within the (1) mz and (2) mc commands, as demonstrated by the netrw.v2 and netrw.v3 test cases.  NOTE: this issue reportedly exists because of an incomplete fix for CVE-2008-2712.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2008-3076","url":"https://www.suse.com/security/cve/CVE-2008-3076"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 406693 for CVE-2008-3076","url":"https://bugzilla.suse.com/406693"},{"category":"external","summary":"Advisory link for SUSE-SR:2009:007","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NOZXT5CRBFF3XA2BV65LMEOU4RCEEGD5/#NOZXT5CRBFF3XA2BV65LMEOU4RCEEGD5"}],"title":"SUSE CVE CVE-2008-3076","tracking":{"current_release_date":"2023-12-09T03:38:36Z","generator":{"date":"2023-02-15T06:07:46Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2008-3076","initial_release_date":"2023-02-15T06:07:46Z","revision_history":[{"date":"2023-02-15T06:07:46Z","number":"2","summary":"Current version"},{"date":"2023-12-08T05:16:12Z","number":"3","summary":"Current version"},{"date":"2023-12-09T03:38:36Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}