VDB

GCVE-VVD-MAGEIA-2017-275

GCVE-VVD-MAGEIA-2017-275
Advisory Published
Vulnetix · Advisory published August 17, 2017
Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor, does not properly validate values for the "filetype", "syntax" and "keymap" options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened (CVE-2016-1248). A vulnerability has been discovered in Vim where a malformed spell file could cause an integer overflow which is used as the size for memory allocation, resulting in a subsequent buffer overflow (CVE-2017-5953). An integer overflow flaw was found in the way vim handled undo files. This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6349). An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files (CVE-2017-6350).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiavim0 (affected), 7.4.430-7.1.mga5 (unaffected)

References

Updated vim packages fix security vulnerabilities
advisory
Updated vim packages fix security vulnerabilities
issue
Updated vim packages fix security vulnerabilities
issue
Updated vim packages fix security vulnerabilities
advisory
Updated vim packages fix security vulnerabilities
advisory

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›