Executive Summary

Informations
Name CVE-2025-24014 First vendor Publication 2025-01-20
Vendor Cve Last vendor Modification 2025-01-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically doesn't show a screen and just operates silently in batch mode. However, it is still possible to trigger the function that handles the scrolling of a gui version of Vim by feeding some binary characters to Vim. The function that handles the scrolling however may be triggering a redraw, which will access the ScreenLines pointer, even so this variable hasn't been allocated (since there is no screen). This vulnerability is fixed in 9.1.1043.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-24014

Sources (Detail)

http://www.openwall.com/lists/oss-security/2025/01/20/4
http://www.openwall.com/lists/oss-security/2025/01/21/1
https://github.com/vim/vim/commit/9d1bed5eccdbb46a26b8a484f5e9163c40e63919
https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2025-01-21 09:20:29
  • Multiple Updates
2025-01-21 05:20:33
  • First insertion