VYPR

rpm package

suse/vim&distro=SUSE Linux Enterprise Server 12 SP2

pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2

Vulnerabilities (4)

  • CVE-2017-6350CriFeb 27, 2017
    affected < 7.4.326-16.1fixed 7.4.326-16.1

    An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

  • CVE-2017-6349CriFeb 27, 2017
    affected < 7.4.326-16.1fixed 7.4.326-16.1

    An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

  • CVE-2017-5953CriFeb 10, 2017
    affected < 7.4.326-16.1fixed 7.4.326-16.1

    vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

  • CVE-2016-1248HigNov 23, 2016
    affected < 7.4.326-7.1fixed 7.4.326-7.1

    vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.