Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case.
References
Configurations
History
13 Feb 2023, 02:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Heap-based buffer overflow in the mch_expand_wildcards function in os_unix.c in Vim 6.2 and 6.3 allows user-assisted attackers to execute arbitrary code via shell metacharacters in filenames, as demonstrated by the netrw.v3 test case. |
02 Feb 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2008-3432 vim: heap buffer overflow in mch_expand_wildcards() | |
References |
|
Information
Published : 2008-10-10 10:30
Updated : 2023-12-10 10:51
NVD link : CVE-2008-3432
Mitre link : CVE-2008-3432
CVE.ORG link : CVE-2008-3432
JSON object : View
Products Affected
vim
- vim
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer