Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-1248

Опубликовано: 23 нояб. 2016
Источник: debian
EPSS Средний

Описание

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
vimfixed2:8.0.0095-1package
neovimfixed0.1.6-4package

Примечания

  • Fixed by: https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a

  • Fixed by (neovim): https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040

EPSS

Процентиль: 96%
0.23182
Средний

Связанные уязвимости

ubuntu логотип

CVE-2016-1248

CVSS3: 7.8
ubuntu
почти 9 лет назад

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

redhat логотип

CVE-2016-1248

CVSS3: 7.5
redhat
почти 9 лет назад

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

nvd логотип

CVE-2016-1248

CVSS3: 7.8
nvd
почти 9 лет назад

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

suse-cvrf логотип

openSUSE-SU-2016:2993-1

suse-cvrf
почти 9 лет назад

Security update for vim

suse-cvrf логотип

openSUSE-SU-2016:2992-1

suse-cvrf
почти 9 лет назад

Security update for vim

EPSS

Процентиль: 96%
0.23182
Средний