Published: 27/02/2017 Updated: 07/11/2023

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vim vim

Debian Bug report logs - #856266 vim: CVE-2017-6349 CVE-2017-6350 Package: src:vim; Maintainer for src:vim is Debian Vim Maintainers <team+vim@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 27 Feb 2017 09:48:01 UTC Severity: important Tags: patch, security, upstream Found in ve ...

An integer overflow flaw was found in the way vim handled tree length values when reading an undo file This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6350) An integer overflow flaw was found in the way vim handled undo files This bug could result in vim crashing when trying to process corrupted undo f ...

An integer overflow flaw was found in the way vim handled undo files This bug could result in vim crashing when trying to process corrupted undo files ...

CWE-190 https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c http://www.securityfocus.com/bid/96451 https://security.gentoo.org/glsa/201706-26 http://www.securitytracker.com/id/1037949 https://usn.ubuntu.com/4309-1/https://groups.google.com/forum/#%21topic/vim_dev/LAgsTcdSfNA https://groups.google.com/forum/#%21topic/vim_dev/QPZc0CY9j3Y https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856266 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2017-809.html https://access.redhat.com/security/cve/cve-2017-6349

CVE-2017-6349

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect