2023-03-10 15:24:45 +08:00
|
|
|
FormatVer: 20230308
|
|
|
|
|
Id: CVE-2022-0714
|
|
|
|
|
Belong: system
|
|
|
|
|
PocHazardLevel: low
|
|
|
|
|
Source: https://huntr.dev/bounties/db70e8db-f309-4f3c-986c-e69d2415c3b3/
|
|
|
|
|
SiteInfo:
|
|
|
|
|
Name: Vim是一款基于UNIX平台的编辑器。
|
|
|
|
|
Severity: medium
|
|
|
|
|
Description:
|
|
|
|
|
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4436.
|
|
|
|
|
ScopeOfInfluence:
|
|
|
|
|
vim < 8.2.4436
|
|
|
|
|
References:
|
|
|
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2022-0714
|
|
|
|
|
- https://github.com/vim/vim/commit/4e889f98e95ac05d7c8bd3ee933ab4d47820fdfa
|
|
|
|
|
SiteClassification:
|
|
|
|
|
CvssMetrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
|
|
|
|
|
CvssScore: 5.5
|
|
|
|
|
CveId: CVE-2022-0714
|
|
|
|
|
CweId: CWE-787,CWE-122
|
|
|
|
|
CnvdId: None
|
|
|
|
|
KveId: None
|
|
|
|
|
Tags:
|
|
|
|
|
- cve2022
|
|
|
|
|
- 缓冲区错误
|
|
|
|
|
SiteRequests:
|
|
|
|
|
Implement:
|
|
|
|
|
ImArray:
|
|
|
|
|
- Inter : vim
|
|
|
|
|
InterArgs :
|
|
|
|
|
- -u
|
|
|
|
|
- NONE
|
|
|
|
|
- -i
|
|
|
|
|
- NONE
|
|
|
|
|
- -n
|
|
|
|
|
- -X
|
|
|
|
|
- -Z
|
|
|
|
|
- -e
|
|
|
|
|
- -m
|
|
|
|
|
- -s
|
|
|
|
|
- -S
|
|
|
|
|
Exec : CVE-2022-0714
|
|
|
|
|
Args :
|
|
|
|
|
- -c
|
|
|
|
|
- ":qa!"
|
2023-03-13 12:28:26 +08:00
|
|
|
ExpireTime: 5
|
2023-03-10 15:24:45 +08:00
|
|
|
Inter:
|
|
|
|
|
- ">?: aleph="
|
|
|
|
|
Condition: None
|
