CVE-2016-1248

HIGH

vim < 8.0.0056 - Remote Code Execution via Modeline Options

Title source: manual
STIX 2.1

Description

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

References (13)

Core 13
Core References
Patch, Third Party Advisory x_refsource_confirm
http://openwall.com/lists/oss-security/2016/11/22/20
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-3139-1
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1037338
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94478
Patch, Vendor Advisory x_refsource_confirm
https://github.com/vim/vim/releases/tag/v8.0.0056
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-2972.html
Patch, Third Party Advisory x_refsource_confirm
https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2016/dsa-3722
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201701-29

Scores

CVSS v3 7.8
EPSS 0.1594
EPSS Percentile 94.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (3)
debian/debian_linux 8.0
n/a/vim before patch 8.0.0056 vim before patch 8.0.0056
vim/vim < 8.0.0055
Published Nov 23, 2016
Tracked Since Feb 18, 2026