Vulnerabilities > CVE-2021-3903
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
vim is vulnerable to Heap-based Buffer Overflow
Vulnerable Configurations
References
- http://www.openwall.com/lists/oss-security/2022/01/15/1
- http://www.openwall.com/lists/oss-security/2022/01/15/1
- https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43
- https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43
- https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8
- https://huntr.dev/bounties/35738a4f-55ce-446c-b836-2fb0b39625f8
- https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html
- https://lists.debian.org/debian-lts-announce/2022/06/msg00014.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BN4EX7BPQU7RP6PXCNCSDORUZBXQ4JUH/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DU26T75PYA3OF7XJGNKMT2ZCQEU4UKP5/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNXY7T5OORA7UJIMGSJBGHFMU6UZWS6P/