CVE-2022-1720

A heap buffer over-read vulnerability was found in Vim's grabfilename function of the src/findfile.c file. This flaw occurs because the function reads after the NULL terminates the line with "gf" in Visual block mode. This flaw allows an attacker to trick a user into opening a specially crafted...

Buffer overflow

Buffer Over-read in function grabfilename in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...

Vim 缓冲区错误漏洞

Vim is a cross-platform text editor. buffer overflow vulnerability exists in versions of Vim prior to 8.2.4956, which stems from a boundary error in the grabfilename function when handling untrusted input. A remote attacker could exploit this vulnerability in causing out-of-bounds reads...

Buffer Over-read in function grab_file_name

Description Buffer Over-read in function grabfilename at findfile.c:1947 vim version git log commit 31ad32a325cc31f0f2bdd530c68bfb856a2187c5 HEAD - master, tag: v8.2.4949, origin/master, origin/HEAD POC ./vim -u NONE -i NONE -n -m -X -Z -e -s -S /mnt/share/max/fuzz/poc/vim/poch5s.dat -c :qa!...