Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2017-5953

Опубликовано: 10 фев. 2017
Источник: debian

Описание

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
vimfixed2:8.0.0197-2package
neovimfixed0.1.7-4package

Примечания

  • Fixed by https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d

Связанные уязвимости

ubuntu логотип

CVE-2017-5953

CVSS3: 9.8
ubuntu
почти 9 лет назад

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

redhat логотип

CVE-2017-5953

CVSS3: 2.5
redhat
около 9 лет назад

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

nvd логотип

CVE-2017-5953

CVSS3: 9.8
nvd
почти 9 лет назад

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

suse-cvrf логотип

openSUSE-SU-2017:0511-1

suse-cvrf
почти 9 лет назад

Security update for vim

suse-cvrf логотип

SUSE-SU-2017:1775-1

suse-cvrf
больше 8 лет назад

Security update for vim