CVE-2016-1248

Summary

vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.

Affected Software

VendorProductVersion RangeStatus
n/avim before patch 8.0.0056vim before patch 8.0.0056affected

Weaknesses

  • OS command injection

ADP Enrichment

CVE Program Container

Additional References

References