CVE-2025-1215

Published Feb 12, 2025

Last updated 10 days ago

CVSS low 2.4

Overview

Description
A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.
Source
cna@vuldb.com
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
2.4
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
LOW

CVSS 3.1

Type
Secondary
Base score
2.8
Impact score
1.4
Exploitability score
1.3
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
Severity
LOW

CVSS 2.0

Type
Secondary
Base score
1.7
Impact score
2.9
Exploitability score
3.1
Vector string
AV:L/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

cna@vuldb.com
CWE-119

Social media

Hype score
Not currently trending

  1. CVE-2025-1215 A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argum… https://t.co/Ck7Mdtws97

    @CVEnew

    12 Feb 2025

    91 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References