1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
PublicDateAtUSN: 2016-11-23
Candidate: CVE-2016-1248
PublicDate: 2016-11-23
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1248
http://openwall.com/lists/oss-security/2016/11/22/20
https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog
https://github.com/vim/vim/releases/tag/v8.0.0056
https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html
https://lists.debian.org/debian-security-announce/2016/msg00305.html
http://www.ubuntu.com/usn/usn-3139-1
Description:
vim before patch 8.0.0056 does not properly validate values for the
'filetype', 'syntax' and 'keymap' options, which may result in the
execution of arbitrary code if a file with a specially crafted modeline is
opened.
Ubuntu-Description:
Florian Larysch discovered that the Vim text editor did not properly
validate values for the 'filetype', 'syntax', and 'keymap' options.
An attacker could trick a user into opening a file with specially
crafted modelines and possibly execute arbitrary code with the
user's privileges.
Notes:
Bugs:
Priority: medium
Discovered-by: Florian Larysch
Assigned-to:
Patches_vim:
upstream: https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
upstream_vim: released (2:8.0.0095-1)
precise_vim: released (2:7.3.429-2ubuntu2.2)
precise/esm_vim: released (2:7.3.429-2ubuntu2.2)
trusty_vim: released (2:7.4.052-1ubuntu3.1)
vivid/stable-phone-overlay_vim: ignored (reached end-of-life)
vivid/ubuntu-core_vim: needed
xenial_vim: released (2:7.4.1689-3ubuntu1.2)
yakkety_vim: released (2:7.4.1829-1ubuntu2.1)
zesty_vim: not-affected (2:8.0.0095-1ubuntu2)
devel_vim: not-affected (2:8.0.0095-1ubuntu2)
Patches_neovim:
upstream: https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040
upstream_neovim: released (0.1.6-4)
precise_neovim: DNE
precise/esm_neovim: DNE
trusty_neovim: DNE
vivid/stable-phone-overlay_neovim: DNE
vivid/ubuntu-core_neovim: DNE
xenial_neovim: DNE
yakkety_neovim: DNE
zesty_neovim: not-affected (0.1.6-5)
devel_neovim: not-affected (0.1.6-5)
|