Multiple vulnerabilities in Vim



Published: 2022-06-27
Risk Medium
Patch available YES
Number of vulnerabilities 17
CVE-ID CVE-2022-2175
CVE-2022-2042
CVE-2022-2210
CVE-2022-2208
CVE-2022-2207
CVE-2022-2206
CVE-2022-2183
CVE-2022-2182
CVE-2022-1720
CVE-2022-1886
CVE-2022-2129
CVE-2022-2126
CVE-2022-2125
CVE-2022-2124
CVE-2022-2000
CVE-2022-1968
CVE-2022-1942
CWE-ID CWE-125
CWE-416
CWE-787
CWE-476
CWE-122
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Vim
Client/Desktop applications / Office applications

Vendor

Security Bulletin

This security bulletin contains information about 17 vulnerabilities.

1) Out-of-bounds read

EUVDB-ID: #VU64713

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2175

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in ex_getln.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5148


CPE2.3 External links

http://github.com/vim/vim/commit/6046aded8da002b08d380db29de2ba0268b6616e
http://huntr.dev/bounties/7f0481c2-8b57-4324-b47c-795d1ea67e55

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Use-after-free

EUVDB-ID: #VU64706

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2042

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in spell.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5072


CPE2.3 External links

http://huntr.dev/bounties/8628b4cd-4055-4059-aed4-64f7fdc10eba
http://github.com/vim/vim/commit/2813f38e021c6e6581c0c88fcf107e41788bc835

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

3) Out-of-bounds write

EUVDB-ID: #VU64707

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2210

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in diff.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5164


CPE2.3 External links

http://huntr.dev/bounties/020845f8-f047-4072-af0f-3726fe1aea25
http://github.com/vim/vim/commit/c101abff4c6756db4f5e740fde289decb9452efa

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

4) NULL pointer dereference

EUVDB-ID: #VU64708

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2208

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in diff.c. A remote attacker can perform a denial of service (DoS) attack.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Vim: before 8.2.5163


CPE2.3 External links

http://github.com/vim/vim/commit/cd38bb4d83c942c4bad596835c6766cbf32e5195
http://huntr.dev/bounties/7bfe3d5b-568f-4c34-908f-a39909638cc1

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

5) Heap-based buffer overflow

EUVDB-ID: #VU64709

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2207

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in edit.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5162


CPE2.3 External links

http://huntr.dev/bounties/05bc6051-4dc3-483b-ae56-cf23346b97b9
http://github.com/vim/vim/commit/0971c7a4e537ea120a6bb2195960be8d0815e97b

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

6) Out-of-bounds read

EUVDB-ID: #VU64710

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2206

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in term.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5160


CPE2.3 External links

http://huntr.dev/bounties/01d01e74-55d0-4d9e-878e-79ba599be668
http://github.com/vim/vim/commit/e178af5a586ea023622d460779fdcabbbfac0908

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

7) Out-of-bounds read

EUVDB-ID: #VU64711

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2183

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in indent.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5151


CPE2.3 External links

http://github.com/vim/vim/commit/8eba2bd291b347e3008aa9e565652d51ad638cfa
http://huntr.dev/bounties/d74ca3f9-380d-4c0a-b61c-11113cc98975

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

8) Heap-based buffer overflow

EUVDB-ID: #VU64712

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2182

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in ex_docmd.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5150


CPE2.3 External links

http://github.com/vim/vim/commit/f7c7c3fad6d2135d558f3b36d0d1a943118aeb5e
http://huntr.dev/bounties/238d8650-3beb-4831-a8f7-6f0b597a6fb8

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

9) Out-of-bounds read

EUVDB-ID: #VU64714

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-1720

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in normal.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.4956


CPE2.3 External links

http://github.com/vim/vim/commit/395bd1f6d3edc9f7edb5d1f2d7deaf5a9e3ab93c
http://huntr.dev/bounties/5ccfb386-7eb9-46e5-98e5-243ea4b358a8
http://lists.debian.org/debian-lts-announce/2022/06/msg00014.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

10) Heap-based buffer overflow

EUVDB-ID: #VU64722

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-1886

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in register.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5016


CPE2.3 External links

http://huntr.dev/bounties/fa0ad526-b608-45b3-9ebc-f2b607834d6a
http://github.com/vim/vim/commit/2a585c85013be22f59f184d49612074fd9b115d7
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

11) Out-of-bounds write

EUVDB-ID: #VU64715

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2129

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in ex_docmd.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5126


CPE2.3 External links

http://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352
http://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

12) Out-of-bounds read

EUVDB-ID: #VU64716

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2126

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in spellsuggest.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5123


CPE2.3 External links

http://github.com/vim/vim/commit/156d3911952d73b03d7420dc3540215247db0fe8
http://huntr.dev/bounties/8d196d9b-3d10-41d2-9f70-8ef0d08c946e
http://lists.debian.org/debian-lts-announce/2022/06/msg00014.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

13) Heap-based buffer overflow

EUVDB-ID: #VU64717

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2125

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in indent.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5122


CPE2.3 External links

http://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705
http://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

14) Out-of-bounds read

EUVDB-ID: #VU64718

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-2124

CWE-ID: CWE-125 - Out-of-bounds Read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in textobject.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5120


CPE2.3 External links

http://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f
http://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42
http://lists.debian.org/debian-lts-announce/2022/06/msg00014.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

15) Out-of-bounds write

EUVDB-ID: #VU64719

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-2000

CWE-ID: CWE-787 - Out-of-bounds Write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a boundary error when processing untrusted input in ex_docmd.c. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5063


CPE2.3 External links

http://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0
http://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4JJNUS4AEVYSEJMCK6JZB57QHD5V2G4O/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

16) Use-after-free

EUVDB-ID: #VU64720

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-1968

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in search.c. A remote attacker can trick the victim to open a specially crafted file, trigger a use-after-free error and execute arbitrary code on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5050


CPE2.3 External links

http://huntr.dev/bounties/949090e5-f4ea-4edf-bd79-cd98f0498a5b
http://github.com/vim/vim/commit/409510c588b1eec1ae33511ae97a21eb8e110895
http://lists.debian.org/debian-lts-announce/2022/06/msg00014.html

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

17) Heap-based buffer overflow

EUVDB-ID: #VU64721

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-1942

CWE-ID: CWE-122 - Heap-based Buffer Overflow

Exploit availability: No

Description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in buffer.c. A remote attacker can trick the victim to open a specially crafted file, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Vim: before 8.2.5043


CPE2.3 External links

http://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071
http://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d
http://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TYNK6SDCMOLQJOI3B4AOE66P2G2IH4ZM/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###