sıx wrote: > I have tested two ways now: > > 1. Copy to clipboard from browser. > 2. Open Vim > 3. :r! cat > 4. Paste and wait. > 5. Payloag gets executed, but in this case it's a bit harder to hide the > fact of the exploitation. In the previous case I wrote the user at best > sees only that the screen blinks.
This is not different from doing this in a shell. Would you claim the shell is vulnerability? I don't think so. I also don't think this is a common use case. > 1. Copy to clipboard from browser. > 2. Create a new file with another text editor and save the clipboard > content. > 3. Open Vim > 4. :r! cat file_created.txt > 5. Does not get executed. Instead of another text editor you can use Vim, so long as you make sure you paste it from the clipboard into Vim, not pasting into the terminal, which then forwards it to Vim as if it was typed. So you could say the terminal is vulnerable. Again, this especially applies when copy/pasting a command into a shell. So far I haven't seen anything wrong about what Vim is doing, it's just doing what the user ordered. So yes, if you paste stuff you have to be careful that it doesn't contain bad things. That's normal. -- You cannot propel yourself forward by patting yourself on the back. /// Bram Moolenaar -- [email protected] -- http://www.Moolenaar.net \\\ /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\ \\\ an exciting new programming language -- http://www.Zimbu.org /// \\\ help me help AIDS victims -- http://ICCF-Holland.org /// -- -- You received this message from the "vim_dev" maillist. Do not top-post! Type your reply below the text you are replying to. For more information, visit http://www.vim.org/maillist.php --- You received this message because you are subscribed to the Google Groups "vim_dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
