The vulnerability of the `skipwhite` function in the Vim text editor, which allows a hacker to trigger a service failure.

The vulnerability of the skipwhite function in the Vim text editor is related to the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious user to cause a service failure...

Vim has heap-use-after-free at /src/charset.c:1770:12 in skipwhite

...

CVE-2023-48706 Vim has heap-use-after-free at /src/charset.c:1770:12 in skipwhite

Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory which may later...

CVE-2022-3491

A heap-based buffer overflow flaw was found in Vim's skipwhite function of the charset.c file. This issue occurs when reading data past the end of the line when compiling a function with errors. This could allows an attacker to trick a user into opening a specially crafted file, triggering an...

The vulnerability of the `skipwhite` function in the `charset.c` component of the Vim text editor allows a hacker to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the skipwhite function in the charset.c component of the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

PT-2022-7601 · Vim +6 · Vim +6

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.0742 Description: The issue is related to a heap-based buffer overflow in the Vim text editor, specifically in the skipwhite function in charset.c, which can lead to a denial of service when exploited. Recommendation...

Use-After-Free

vim/vim is vulnerable to use-after-free. The vulnerability exists in skipwhite which allows an attacker to cause a memory exhaustion leading to an application crash...

The vulnerability of the skipwhite() function in the Vim text editor allows a hacker to execute arbitrary code.

The vulnerability of the skipwhite function rc/spell.c in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

Vim 资源管理错误漏洞

Vim is a cross-platform text editor. A security vulnerability exists in versions prior to Vim 9.0.0046 that originates from a heap use-after-free in the function skipwhite, which can be exploited by an attacker to trigger a denial of service and potentially run code...

Heap Use After Free in function skipwhite

Description Heap Use After Free in function skipwhite at charset.c:1428 vim version git log commit 324478037923feef1eb8a771648e38ade9e5e05a HEAD - master, tag: v9.0.0042, origin/master, origin/HEAD POC ./afl/src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ./pochuaf4s.dat -c :qa!...

PT-2022-5218 · Vim +6 · Vim +6

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.0046 Description: The issue is related to a use after free error in the skipwhite function of the charset.c component in the Vim text editor. This could allow a remote attacker to access sensitive data, compromise da...

The vulnerability of the `skipwhite` function in the Vim text editor allows a hacker to execute arbitrary code.

The vulnerability of the skipwhite function in the Vim text editor is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

Null pointer dereference in function skipwhite

Description Null pointer dereference in function skipwhite at charset.c:1428 Version commit c101abff4c6756db4f5e740fde289decb9452efa HEAD - master, tag: v8.2.5164 Proof of Concept guest@elk:/trung$ valgrind ./vimlatest/src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ./poc/poc40min -c :qa! ==32519==...

CVE-2022-2042

A heap use-after-free vulnerability was found in Vim's skipwhite function of the src/charset.c file. This flaw occurs because of an uninitialized attribute value and freed memory in the spell command. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a...