Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:42887
HistoryAug 22, 2023 - 12:58 p.m.

Denial Of Service (DoS)

2023-08-2212:58:31
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
vim
denial of service
vulnerability
null pointer
local attacker

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

19.6%

vim is vulnerable to Denial of Service (DoS) attacks. This vulnerability allows a local attacker to cause a denial of service (DoS) by tricking a user into opening a specially crafted file due to a null pointer dereference in the ex_buffer_all function.

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

19.6%