Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43601
HistoryOct 08, 2023 - 11:09 p.m.

Buffer Overflow

2023-10-0823:09:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
vim
heap overflow
vulnerability
software

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

24.3%

vim is vulnerable to Buffer Overflow. The vulnerability exists due to the heap based buffer overflow in the library, which allows an attacker to cause an application crash.

Affected configurations

Vulners
Node
veracodevim\Matchsid2\8.2.1913-1+b2
OR
veracodevim\Matchsid2\8.2.2434-3
OR
veracodevim\Matchsid2\8.2.1913-1+b2
OR
veracodevim\Matchsid2\8.2.2434-3
VendorProductVersionCPE
veracodevim\sidcpe:2.3:a:veracode:vim\:sid:2\:8.2.1913-1+b2:*:*:*:*:*:*:*
veracodevim\sidcpe:2.3:a:veracode:vim\:sid:2\:8.2.2434-3:*:*:*:*:*:*:*

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

24.3%