Vulnerability Details : CVE-2016-1248
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
Vulnerability category: Input validation
Products affected by CVE-2016-1248
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:vim:vim:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-1248
76.38%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-1248
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-1248
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-1248
-
https://lists.debian.org/debian-lts-announce/2016/11/msg00025.html
[SECURITY] [DLA 718-1] vim security updateMailing List;Third Party Advisory
-
https://anonscm.debian.org/cgit/pkg-vim/vim.git/tree/debian/changelog
404 Not FoundPatch;Third Party Advisory
-
https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
patch 8.0.0056 · vim/vim@d0b5138 · GitHubPatch;Vendor Advisory
-
https://lists.debian.org/debian-security-announce/2016/msg00305.html
[SECURITY] [DSA 3722-1] vim security updateThird Party Advisory
-
http://www.ubuntu.com/usn/USN-3139-1
USN-3139-1: Vim vulnerability | Ubuntu security notices
-
https://github.com/vim/vim/releases/tag/v8.0.0056
Release v8.0.0056: patch 8.0.0056 · vim/vim · GitHubPatch;Vendor Advisory
-
http://www.securityfocus.com/bid/94478
Neovim CVE-2016-1248 Command Execution Vulnerability
-
https://security.gentoo.org/glsa/201701-29
Vim, gVim: Remote execution of arbitrary code (GLSA 201701-29) — Gentoo security
-
http://www.debian.org/security/2016/dsa-3722
Debian -- Security Information -- DSA-3722-1 vim
-
http://www.securitytracker.com/id/1037338
Vim modeline 'filetype' Input Validation Flaw Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040
vim-patch:8.0.0056 · neovim/neovim@4fad66f · GitHubPatch;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-2972.html
RHSA-2016:2972 - Security Advisory - Red Hat Customer Portal
-
http://openwall.com/lists/oss-security/2016/11/22/20
oss-security - vim/neovim: Arbitrary command execution (CVE-2016-1248)Patch;Third Party Advisory
Jump to