Security News > 2019 > June > Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor
2019-06-10 18:33
Linux users, beware! If you haven't recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim. Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim—two most popular and powerful command-line
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/-kLUXaXKpeY/linux-vim-vulnerability.html
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-05 | CVE-2019-12735 | OS Command Injection vulnerability in multiple products getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. | 8.6 |