Integer Overflow and Buffer Overflow in Vim (CVE-2017-5953)

Integer Overflow and Buffer Overflow in Vim (CVE-2017-5953)

CVE-2017-5953 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

Learn more about our On Site Uk Pen Test.