Published: 05/02/2024 Updated: 23/02/2024

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

Vim prior to 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
vim vim

DescriptionA stack-based buffer overflow flaw was found in Vim The did_set_langmap function in mapc calls sprintf to write to the error buffer that is passed down to the option callback functions That buffer can be overflown, possibly leading to memory corruption and escalation of privilegesA stack-based buffer overflow flaw was found in ...

CWE-787 https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47 https://gist.githubusercontent.com/henices/2467e7f22dcc2aa97a2453e197b55a0c/raw/7b54bccc9a129c604fb139266f4497ab7aaa94c7/gistfile1.txt https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UI44Y4LJLG34D4HNB6NTPLUPZREHAEL7/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UIQLVUSYHDN3644K6EFDI7PRZOTIKXM3/https://security.netapp.com/advisory/ntap-20240223-0008/https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2024-22667

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-22667

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect