CVE-2017-6349

Published: Feb 27, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-201706-26

vendor-advisory

x_refsource_GENTOO

1037949

vdb-entry

x_refsource_SECTRACK

https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c

x_refsource_MISC

96451

vdb-entry

x_refsource_BID

https://groups.google.com/forum/#%21topic/vim_dev/LAgsTcdSfNA

x_refsource_MISC

https://groups.google.com/forum/#%21topic/vim_dev/QPZc0CY9j3Y

x_refsource_MISC

USN-4309-1

vendor-advisory

x_refsource_UBUNTU

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-6349

Description

Affected Products

References