Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-1248Improper Input Validation in Neovim

CWE-20Improper Input ValidationCWE-138Improper Neutralization of Special Elements10 documents9 sources
Severity
7.8HIGHNVD
EPSS
15.9%
top 5.23%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
5
VIMDebian NeovimDebian VIM+2 more
Timeline
PublishedNov 23
Latest updateMay 17

Description

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

debiandebian/vim< neovim 0.1.6-4 (bookworm)
debiandebian/neovim< neovim 0.1.6-4 (bookworm)
Debianvim/vim< 2:8.0.0095-1+3
NVDvim/vim8.0.0055
Appleapple/macos_sierra10.12.3

Also affects: Debian Linux 8.0

Patches

Patch: openwall.comPatch: anonscm.debian.orgPatch: github.com

🔴Vulnerability Details

2
GHSA
GHSA-6q4x-827v-ffwx: vim before patch 82022-05-17
OSV
CVE-2016-1248: vim before patch 82016-11-23

💥Exploits & PoCs

1
Exploit-DB
Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution2019-06-04

📋Vendor Advisories

4
Apple
CVE-2016-1248: macOS Sierra 10.12.32017-01-23
Ubuntu
Vim vulnerability2016-11-29
Red Hat
vim: Lack of validation of values for few options results in code exection2016-11-20
Debian
CVE-2016-1248: neovim - vim before patch 8.0.0056 does not properly validate values for the 'filetype', ...2016

💬Community

2
Bugzilla
CVE-2016-1248 vim: Lack of validation of values for few options results in code exection [fedora-all]2016-11-24
Bugzilla
CVE-2016-1248 vim: Lack of validation of values for few options results in code exection2016-11-24