Buffer Over-read

CVE-2022-1720

High

7.8/10

Summary

Buffer Over-read in function "grab_file_name" in vim versions prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-126 - Buffer Over-read

The software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer.

References

Advisory
Disclosure
Release Note

Advisory Timeline

Published Jun 20, 2022

Buffer Over-read

CVE-2022-1720

Summary

CWE-126 - Buffer Over-read

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS