Описание
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 2:9.0.1672-1ubuntu2 |
| esm-infra-legacy/trusty | ignored | change too intrusive |
| esm-infra/bionic | ignored | change too intrusive |
| esm-infra/focal | ignored | change too intrusive |
| esm-infra/xenial | ignored | change too intrusive |
| focal | ignored | end of standard support, was ignored [change too intrusive] |
| jammy | ignored | change too intrusive |
| kinetic | ignored | end of life, was needs-triage |
| lunar | not-affected | 2:9.0.1000-4ubuntu3.1 |
Показывать по
Ссылки на источники
EPSS
7.8 High
CVSS3
Связанные уязвимости
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing a ...
The target's backtrace indicates that libc has detected a heap error or that the target was executing a heap function when it stopped. This could be due to heap corruption, passing a bad pointer to a heap function such as free(), etc. Since heap errors might include buffer overflows, use-after-free situations, etc. they are generally considered exploitable.
EPSS
7.8 High
CVSS3