Published: 17/09/2022 Updated: 07/11/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

Heap-based Buffer Overflow in GitHub repository vim/vim before 9.0.0483.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vim vim
fedoraproject fedora 35
fedoraproject fedora 36
fedoraproject fedora 37
debian debian linux 10.0

A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext() function of the src/insexpandc file This flaw occurs when vim tries to access uninitialized memory when completing a long line This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that cause ...

Description The MITRE CVE dictionary describes this issue as: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 900483 ...

CWE-122 https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d https://huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html https://security.gentoo.org/glsa/202305-16 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-1975.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-3234

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect