VYPR

rpm package

suse/vim&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4

pkg:rpm/suse/vim&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4

Vulnerabilities (2)

  • CVE-2017-5953CriFeb 10, 2017
    affected < 7.2-8.20.8fixed 7.2-8.20.8

    vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

  • CVE-2016-1248HigNov 23, 2016
    affected < 7.2-8.17.1fixed 7.2-8.17.1

    vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.