MiracleLinux 8 : vim-8.0.1763-16.el8.13 (AXSA:2022-3161:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3161:03 advisory. vim: use after free in utfptr2char CVE-2022-1154 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note...

Astra Linux - уязвимость в vim

Use after free in utfptr2char in GitHub repository vim/vim prior to 8.2.4646...

EUVD-2022-24497

Malicious code in bioql PyPI...

The vulnerability of the utf_ptr2char function in the mbyte.c text editor Vim allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the utfptr2char function in the mbyte.c text editor Vim is related to the execution of an operation outside the buffer’s boundaries in memory. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and even cause service...

heap-buffer-overflow in utf_ptr2char

Description Heap-buffer-overflow in utfptr2char at mbyte.c:1825. vim version git log commit f0300fc7b81e63c2584dc3a763dedea4184d17e5 grafted, HEAD - master, tag: v9.0.1365, origin/master, origin/HEAD Proof of Concept ./vim -u NONE -i NONE -n -m -X -Z -e -s -S poc8hbo.dat -c :qa...

SUSE CVE-2022-1154

Use after free in utfptr2char in GitHub repository vim/vim prior to 8.2.4646...

The vulnerability of the utf_ptr2char function in the Vim text editor allows for reading data beyond the buffer’s boundaries in memory, enabling an attacker to execute arbitrary code.

The vulnerability of the utfptr2char function in the Vim text editor relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

The vulnerability of the utf_ptr2char() function in the Vim text editor allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the utfptr2char function in the Vim text editor is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

vim: buffer over-read in utf_ptr2char() in mbyte.c

A flaw was found in vim. The vulnerability occurs due to Illegal memory access and leads to a buffer over-read vulnerability in the utfptr2char function. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution...

Moderate: vim security update

Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Out-of-bounds Write CVE-2022-1785 vim: out-of-bounds write in vimregsubboth in regexp.c CVE-2022-1897 vim: buffer over-read in utfptr2char in mbyte.c CVE-2022-1927 For more details about the security issues,...

Vim 缓冲区错误漏洞

Vim is a cross-platform text editor. Vim is vulnerable to a buffer overflow vulnerability that stems from a boundary error in the utfptr2char function when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary code on the system...

Out-of-bounds Read in function utf_ptr2char

Description Out-of-bounds Read in function utfptr2char at mbyte.c:1794 vim version git log commit 324478037923feef1eb8a771648e38ade9e5e05a HEAD - master, tag: v9.0.0042, origin/master, origin/HEAD POC ./afl/src/vim -u NONE -i NONE -n -m -X -Z -e -s -S ./pocobr5s.dat -c :qa!...

vim: use after free in utf_ptr2char

A heap use-after-free vulnerability was found in Vim's utfptr2char function of the src/mbyte.c file. This flaw occurs because vim is using a buffer line after it has been freed in the old regexp engine. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering...

Use-After-Free

vim is vulnerable to use after free. The vulnerability exists in utfptr2char function in mbyte.c because the freed memory is used when searching for pattern in path which allows an attacker to cause a memory corruption causing an application crash...

Heap-based Buffer Overflow in function utf_ptr2char

Description Heap-based Buffer Overflow in function utfptr2char at mbyte.c:1794 vim version git log commit e366ed4f2c6fa8cb663f1b9599b39d57ddbd8a2a HEAD - master, tag: v8.2.5136, origin/master, origin/HEAD POC ./vim -u NONE -i NONE -n -m -X -Z -e -s -S /mnt/share/max/fuzz/poc/vim/pochbo3s.dat -c...

EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-1769)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - vim is vulnerable to Heap-based Buffer Overflow CVE-2021-3984, CVE-2021-4019, CVE-2022-0213 - vim is vulnerable to Use After Free CVE-2021-4069,...

Buffer Over-read in function utf_ptr2char

Description Buffer Over-read in function utfptr2char at mbyte.c:1794 vim version git log commit 31d9948e3a2529c2f619d56bdb48291dc261233d HEAD - master, tag: v8.2.5026, origin/master, origin/HEAD POC ./vim -u NONE -i NONE -n -m -X -Z -e -s -S /mnt/share/max/fuzz/poc/vim/poch10ns.dat -c :qa!...

Debian DLA-3011-1 : vim - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3011 advisory. - Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. CVE-2022-0261, CVE-2022-0572 - Access of Memory Location Before Start of Buffer in GitHub...

Oracle Linux 8 : vim (ELSA-2022-1552)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1552 advisory. 8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.13 - CVE-2022-1154 vim: use after free in utfptr2char Tenable has extracted the...

vim security update

8.0.1763-16.0.1 - - Remove upstream references Orabug: 31197557 2:8.0.1763-16.13 - CVE-2022-1154 vim: use after free in utfptr2char...