CVE-2016-1248

Published: 23/11/2016 Updated: 28/07/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

Affected Products

Vendor | Product | Versions
Vim | Vim | 8.0.0055
Debian | Debian Linux | 8.0

Vendor Advisories

Synopsis: Moderate: vim security update. Type/Severity: Security Advisory: Moderate. Topic: An update for vim is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste ...
Vim could be made to run programs as your login if it opened a specially crafted file ...
Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the filetype, syntax and keymap options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. For the stable distribution (jessie), this problem has been fixed in version 2:7448 ...
A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim (modelines are disabled by default for root, and enabled by default for other users) ...
Arch Linux Security Advisory ASA-201611-29 | Severity: High | Date: 2016-11-29 | CVE-ID: CVE-2016-1248 | Package: neovim | Type: arbitrary command execution | Remote: No | Link: wikiarchlinuxorg/indexphp/CVE | Summary: The package neovim before version 017-1 is vulnerable to arbitra ...
A vulnerability was found in vim in how certain modeline options were treated. An attacker could craft a file that, when opened in vim with modelines enabled, could execute arbitrary commands with privileges of the user running vim ...
A vulnerability has been discovered in vim which would allow arbitrary shell commands to be run if a user opened a file with a malicious modeline. This is due to lack of validation of values for a few options. Those options' values are then used in vim's scripts to build a command string that's evaluated by execute, which is what allows the shell c ...
About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, see the Apple Product Security page. You can encrypt ...
Oracle Solaris Third Party Bulletin - April 2017. Description: The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions. Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Upda ...
Oracle Linux Bulletin - January 2017. Description: The Oracle Linux Bulletin lists all CVEs that had been resolved and announced in Oracle Linux Security Advisories (ELSA) in the last one month prior to the release of the bulletin. Oracle Linux Bulletins are published on the same day as Oracle Critical ...
Oracle VM Server for x86 Bulletin - January 2017. Description: The Oracle VM Server for x86 Bulletin lists all CVEs that had been resolved and announced in Oracle VM Server for x86 Security Advisories (OVMSA) in the last one month prior to the release of the bulletin. Oracle VM Server for x86 Bulletins are pub ...