vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
References
Configurations
History
07 Nov 2023, 02:49
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2017-02-10 07:59
Updated : 2023-12-10 12:01
NVD link : CVE-2017-5953
Mitre link : CVE-2017-5953
CVE.ORG link : CVE-2017-5953
JSON object : View
Products Affected
vim
- vim
CWE
CWE-190
Integer Overflow or Wraparound