7.5
CVSSv2

CVE-2017-6349

Published: 27/02/2017 Updated: 13/08/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

Affected Products

Vendor Product Versions
VimVim8.0.0376

Vendor Advisories

Debian Bug report logs - #856266 vim: CVE-2017-6349 CVE-2017-6350 Package: src:vim; Maintainer for src:vim is Debian Vim Maintainers <team+vim@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 27 Feb 2017 09:48:01 UTC Severity: important Tags: patch, security, upstream Found in ve ...
An integer overflow flaw was found in the way vim handled undo files This bug could result in vim crashing when trying to process corrupted undo files ...
An integer overflow flaw was found in the way vim handled tree length values when reading an undo file This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6350 ) An integer overflow flaw was found in the way vim handled undo files This bug could result in vim crashing when trying to process corrupted undo ...