Ubuntu 18.04 ESM : Neovim vulnerability (USN-4862-1)

The remote Ubuntu 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-4862-1 advisory. It was discovered that Neovim incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

The vulnerability of the getchar.c library in the Vim text editor lies in the lack of measures to neutralize special elements used in operating system commands. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the getchar.c library in the Vim text editor is related to the absence of filtering for the “!source” command. This command allows for the execution of arbitrary commands in the operating system. Exploiting this vulnerability enables a perpetrator to access confidential data,...

NewStart CGSL MAIN 4.06 : vim Vulnerability (NS-SA-2019-0177)

The remote NewStart CGSL host, running version MAIN 4.06, has vim packages installed that are affected by a vulnerability: - getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by...

openSUSE Security Update : vim (openSUSE-2019-1561)

This update for vim fixes the following issue : Security issue fixed : - CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c bsc1137443. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and...

SUSE SLED12 / SLES12 Security Update : vim (SUSE-SU-2019:1456-1)

This update for vim fixes the following issue : Security issue fixed : CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c bsc1137443. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenab...