CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
74.2%
A vulnerability in the Vim text editor is related to a boundary error when processing unreliable input data.
Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into
to open a specially crafted file and initiate unauthorized writing and execution of arbitrary
code on the target system
Vim text editor vulnerability is related to boundary conditions in find_next_quote() function.
Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into
to open a specially crafted file, cause a read error outside of the boundaries, perform a
"denial-of-service attack, modify memory, and execute arbitrary code
The Vim text editor vulnerability involves a boundary error. Exploitation of the vulnerability could allow
an attacker acting remotely to trick the victim into opening a specially crafted file, cause a heap buffer overflow, and execute arbitrary code.
heap buffer overflow and execute arbitrary code on the target system
Vim text editor vulnerability involves a boundary error. Exploitation of the vulnerability could allow
an attacker acting remotely to trick the victim into opening a specially crafted file,
trigger the use of an out-of-range pointer offset and cause the application to crash
A vulnerability in the Vim text editor is related to a boundary error in the skip_string() function. Exploitation
exploitation of the vulnerability could allow a remote attacker to trick the victim into opening a specially crafted file, causing a replay of the file.
a specially crafted file, cause a heap buffer overflow, and execute arbitrary code on the target system.
system
Vim text editor vulnerability is related to a NULL pointer dereferencing bug. Exploitation
exploitation of the vulnerability could allow a remote attacker to trick the victim into opening a specially crafted file and execute the attack.
a specially crafted file and execute a denial of service attack
Vim text editor vulnerability is related to a post-release memory usage error.
Exploitation of the vulnerability could allow an attacker acting remotely to trick a victim into opening a specially crafted file, cause a memory usage error, and perform a denial of service attack.
to open a specially crafted file, trigger a post-release memory usage error, and execute an arbitrary code on the target system.
arbitrary code on the target system
The Vim text editor vulnerability involves a boundary error in the utfc_ptr2len() function. Exploitation
The vulnerability could allow an attacker acting remotely to trick the victim into opening a specially crafted file, causing damage to the target system.
a specially crafted file, cause memory corruption, and execute arbitrary code on the target system
Vim text editor vulnerability is related to a boundary error when entering certain data.
Exploitation of the vulnerability could allow an attacker acting remotely to cause a buffer overflow
stack-based buffer overflow and execute a denial of service attack
The Vim text editor vulnerability involves a boundary error when processing untrusted input data in the vim_regs function.
data in the vim_regsub_both() function. Exploitation of the vulnerability could allow an attacker acting
remotely, trick the victim into opening a specially crafted file, initiate unauthorized
write and execute arbitrary code on the target system
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
Percentile
74.2%