While I can see value in fixing the invalid-free instance described,
a vimscript can already call out to any shell command it wants.
  $ echo 'Important file, do not delete'! > important_file.txt
  $ echo "call system('touch demo.txt')" > demo.vim
  $ echo "call system('rm important_file.txt')" >> demo.vim
  $ vim -S demo.vim -cq
  $ ls demo.txt important_file.txt
  demo.txt
So I'm not sure there's any *security* issue here that doesn't come
with being able to execute arbitrary commands.
-tim
On 2017-09-28 18:29, Ramsey, Susanne B. wrote:
> Greetings;
> 
> The National Vulnerability Database (NVD) lists a high
> vulnerability for VIM 8.0.
> https://nvd.nist.gov/vuln/detail/CVE-2017-11109 Vim 8.0 allows
> attackers to cause a denial of service or possibly have unspecified
> other impact via a crafted source (aka -S) file. NOTE: there might
> be a limited number of scenarios in which this has security
> relevance.
> 
> 
> Unfortunately, the info provided in the CVE does not specify if it
> is only the initial release 8.0 or the subsequent patched versions
> that are vulnerable.  I have searched the VIM website readme and
> other documents but can't find the answer, so I am turning to you.
> I appreciate your assistance.  Is the current version still
> vulnerable to the issue noted above or has this been remediated in
> the patch updates?
> 
> Best regards,
> Susanne Ramsey
> 
> 
> -- 
> -- 
> You received this message from the "vim_use" maillist.
> Do not top-post! Type your reply below the text you are replying to.
> For more information, visit http://www.vim.org/maillist.php
> 
> --- 
> You received this message because you are subscribed to the Google
> Groups "vim_use" group. To unsubscribe from this group and stop
> receiving emails from it, send an email to
> vim_use+unsubscribe@googlegroups.com. For more options, visit
> https://groups.google.com/d/optout.
Friday, September 29, 2017