CVE-2023-1127

Опубликовано: 01 мар. 2023

Источник: redhat

CVSS3: 7.3

Описание

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.

A flaw was found in Vim. A division by zero in the scrolldown function may lead to a denial of service, modified memory, and possibly remote execution.

Отчет

Red Hat Product Security has rated this issue as having a Low security impact, because the "victim" has to run an untrusted file IN SCRIPT MODE. Someone who is running untrusted files in script mode is equivalent to someone just taking a random python script and running it. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	vim	Out of support scope
Red Hat Enterprise Linux 7	vim	Fix deferred
Red Hat Enterprise Linux 8	vim	Fix deferred
Red Hat Enterprise Linux 9	vim	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-369

https://bugzilla.redhat.com/show_bug.cgi?id=2174662vim: Divide By Zero in vim/vim

7.3 High

CVSS3

Связанные уязвимости

CVE-2023-1127

CVSS3: 7.8

ubuntu

больше 2 лет назад

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.

CVE-2023-1127

CVSS3: 7.8

nvd

больше 2 лет назад

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.

CVE-2023-1127

CVSS3: 7.8

msrc

больше 2 лет назад

Divide By Zero in vim/vim

CVE-2023-1127

CVSS3: 7.8

debian

больше 2 лет назад

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367.

ROS-20230320-01

CVSS3: 7.8

redos

больше 2 лет назад

Уязвимость vim

7.3 High

CVSS3