[VIM] "external user-complicit attackers"

Steven M. Christey coley at mitre.org
Thu Aug 18 22:57:57 EDT 2005


This isn't exactly an official announcement, and it's subject to
change, but I figured I'd let people know that I've started to use the
phrase "external user-complicit attackers" to describe attack
scenarios where an attacker who's external to an application needs to
convince a user - generally through social engineering - to access a
file and load it into a vulnerable application to trigger a
vulnerability.  This is one small step in addressing part of the
long-standing "local vs. remote" terminology problem.

The term is clunky but I'll probably stick to it until something
better comes along.  All ideas are welcome :-)

Some CVE examples are below.

- Steve


======================================================
Candidate: CAN-2005-2471
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2471
Reference: MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=319757
Reference: SECUNIA:16184
Reference: URL:http://secunia.com/advisories/16184
Reference: TRUSTIX:2005-0038
Reference: URL:http://www.trustix.org/errata/2005/0038/

pstopnm in netpbm does not properly use the "-dSAFER" option when
calling Ghostscript to convert a PostScript file into a (1)
PBM, (2) PGM, or (3) PNM file, which allows external user-complicit
attackers to execute arbitrary commands.


======================================================
Candidate: CAN-2005-2501
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2501
Reference: APPLE:APPLE-SA-2005-08-15
Reference: URL:http://lists.apple.com/archives/security-announce/2005//Aug/msg00000.html

Buffer overflow in AppKit for Mac OS X 10.3.9 and 10.4.2, as used in
applications such as TextEdit, allows external user-complicit attackers
to execute arbitrary code via a crafted Microsoft Word file.
