#VU33446 Integer overflow - CVE-2017-6349

Cybersecurity Help s.r.o.

Published: 2017-02-27 | Updated: 2020-08-04

Vulnerability identifier: #VU33446

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2017-6349

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows.

Mitigation
Install update from vendor's website.

External links
https://www.securityfocus.com/bid/96451
https://www.securitytracker.com/id/1037949
https://github.com/vim/vim/commit/3eb1637b1bba19519885dd6d377bd5596e91d22c
https://groups.google.com/forum/#!topic/vim_dev/LAgsTcdSfNA
https://groups.google.com/forum/#!topic/vim_dev/QPZc0CY9j3Y
https://security.gentoo.org/glsa/201706-26
https://usn.ubuntu.com/4309-1/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Dell Data Protection Central

Multiple vulnerabilities in Dell EMC SRM and Dell EMC Storage Monitoring and Reporting (SMR)

Multiple vulnerabilities in Dell Cloud Tiering Appliance

Multiple vulnerabilities in Dell Secure Connect Gateway

SUSE update for vim

Gentoo update for Vim, gVim

Amazon Linux AMI update for vim