CVE-2017-6350

🗓️ 27 Feb 2017 07:00:59Reported by mitreType

An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. NV

Reporter	Title	Published	Views	Family All 49
UbuntuCve	CVE-2017-6350	27 Feb 201700:00	–	ubuntucve
Tenable Nessus	EulerOS 2.0 SP2 : vim (EulerOS-SA-2017-1149)	8 Aug 201700:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2017-6350	4 Mar 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP1 : vim (EulerOS-SA-2017-1148)	8 Aug 201700:00	–	nessus
Tenable Nessus	Debian DLA-850-1 : vim security update	10 Mar 201700:00	–	nessus
Tenable Nessus	Photon OS 1.0: Vim PHSA-2017-0007 (deprecated)	17 Aug 201800:00	–	nessus
Tenable Nessus	Photon OS 1.0: Vim PHSA-2017-0007	7 Feb 201900:00	–	nessus
Tenable Nessus	Fedora 25 : 2:vim (2017-8494d0142c)	3 Mar 201700:00	–	nessus
Tenable Nessus	Fedora 24 : 2:vim (2017-e9171a0c00)	6 Mar 201700:00	–	nessus
Tenable Nessus	Amazon Linux AMI : vim (ALAS-2017-809)	30 Mar 201700:00	–	nessus

Nvd

Node

vim vimRange≤8.0.0377

Source	Link
securityfocus	www.securityfocus.com/bid/96448
github	www.github.com/vim/vim/commit/0c8485f0e4931463c0f7986e1ea84a7d79f10c75
securitytracker	www.securitytracker.com/id/1037949
security	www.security.gentoo.org/glsa/201706-26
usn	www.usn.ubuntu.com/4309-1/
groups	www.groups.google.com/forum/
groups	www.groups.google.com/forum/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo