ALAS2-2023-1975 --- vimID: oval:org.secpod.oval:def:1701199 | Date: (C)2023-03-14 (M)2024-02-19 |
Class: PATCH | Family: unix |
A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext function of the src/insexpand.c file. This flaw occurs when vim tries to access uninitialized memory when completing a long line. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap-based buffer overflow that causes an application to crash, possibly executing code and corrupting memory. A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow vulnerability. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. A flaw was found in vim. The vulnerability occurs due to illegal memory access and leads to a heap buffer overflow. This flaw allows an attacker to input a specially crafted file, leading to a crash or code execution. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. A heap use-after-free vulnerability was found in vim's do_tag function of the src/tag.c file. The issue triggers when the 'tagfunc' closes the window. This flaw allows an attacker to trick a user into opening a specially crafted file, triggering a heap use-after-free that causes an application to crash, possibly executing code and corrupting memory. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. Use After Free in GitHub repository vim/vim prior to 9.0.0490. Use After Free in GitHub repository vim/vim prior to 9.0.0530. NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0577. Use After Free in GitHub repository vim/vim prior to 9.0.0579. Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. Use After Free in GitHub repository vim/vim prior to 9.0.0614. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of service or other unspecified impacts. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. Divide By Zero in GitHub repository vim/vim prior to 9.0.1247