
Test ID: 1.3.6.1.4.1.25623.1.1.12.2023.6420.1
Category: Ubuntu Local Security Checks
Title: Ubuntu: Security Advisory (USN-6420-1)
Summary: The remote host is missing an update for the 'vim' package(s) announced via the USN-6420-1 advisory.
Description:
Summary:
The remote host is missing an update for the 'vim' package(s) announced via the USN-6420-1 advisory.

Vulnerability Insight:
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (CVE-2022-3235, CVE-2022-3278,
CVE-2022-3297, CVE-2022-3491)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-3352, CVE-2022-4292)

It was discovered that Vim incorrectly handled memory when replacing in
virtualedit mode. An attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, and Ubuntu 22.04 LTS. (CVE-2022-3234)

It was discovered that Vim incorrectly handled memory when autocmd changes
mark. An attacker could possibly use this issue to cause a denial of
service. (CVE-2022-3256)

It was discovered that Vim did not properly perform checks on array index
with negative width window. An attacker could possibly use this issue to
cause a denial of service, or execute arbitrary code. (CVE-2022-3324)

It was discovered that Vim did not properly perform checks on a put command
column with a visual block. An attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-3520)

It was discovered that Vim incorrectly handled memory when using autocommand
to open a window. An attacker could possibly use this issue to cause a
denial of service. (CVE-2022-3591)

It was discovered that Vim incorrectly handled memory when updating buffer
of the component autocmd handler. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 20.04 LTS,
and Ubuntu 22.04 LTS. (CVE-2022-3705)

It was discovered that Vim incorrectly handled floating point comparison
with incorrect operator. An attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu
22.04 LTS. (CVE-2022-4293)

Affected Software/OS:
'vim' package(s) on Ubuntu 14.04, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref:
Common Vulnerability Exposure (CVE) ID: CVE-2022-3234
https://huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LSSEWQLK55MCNT4Z2IIJEJYEI5HLCODI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTBVD4J2SKVSWK4VBN5JP5OEVK6GDS3N/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QI7AETXBHPC7SGA77Q7O5IEGULWYET7/
https://security.gentoo.org/glsa/202305-16
https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d
https://lists.debian.org/debian-lts-announce/2022/11/msg00009.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-3235
https://huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af
https://github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0
https://lists.debian.org/debian-lts-announce/2022/11/msg00032.html
Common Vulnerability Exposure (CVE) ID: CVE-2022-3256
https://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3
https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad
Common Vulnerability Exposure (CVE) ID: CVE-2022-3278
https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612
https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e
Common Vulnerability Exposure (CVE) ID: CVE-2022-3297
https://huntr.dev/bounties/1aa9ec92-0355-4710-bf85-5bce9effa01c
https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c
Common Vulnerability Exposure (CVE) ID: CVE-2022-3324
https://huntr.dev/bounties/e414e55b-f332-491f-863b-c18dca97403c
https://github.com/vim/vim/commit/8279af514ca7e5fd3c31cf13b0864163d1a0bfeb
Common Vulnerability Exposure (CVE) ID: CVE-2022-3352
https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60
https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15
Common Vulnerability Exposure (CVE) ID: CVE-2022-3491
https://huntr.dev/bounties/6e6e05c2-2cf7-4aa5-a817-a62007bf92cb
https://github.com/vim/vim/commit/3558afe9e9e904cabb8475392d859f2d2fc21041
Common Vulnerability Exposure (CVE) ID: CVE-2022-3520
https://huntr.dev/bounties/c1db3b70-f4fe-481f-8a24-0b1449c94246
https://github.com/vim/vim/commit/36343ae0fb7247e060abfd35fb8e4337b33abb4b
Common Vulnerability Exposure (CVE) ID: CVE-2022-3591
https://huntr.dev/bounties/a5a998c2-4b07-47a7-91be-dbc1886b3921
https://github.com/vim/vim/commit/8f3c3c6cd044e3b5bf08dbfa3b3f04bb3f711bad
Common Vulnerability Exposure (CVE) ID: CVE-2022-3705
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4JCW33NOLMELTTTDJH7WGDIFJZ5YEEMK/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JYEK5RNMH7MVQH6RPBKLSCCA6NMIKHDV/
http://seclists.org/fulldisclosure/2023/Jan/19
https://github.com/vim/vim/commit/d0fab10ed2a86698937e3c3fed2f10bd9bb5e731
https://vuldb.com/?id.212324
Common Vulnerability Exposure (CVE) ID: CVE-2022-4292
https://huntr.dev/bounties/da3d4c47-e57a-451e-993d-9df0ed31f57b
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WYC22GGZ6QA66HLNLHCTAJU265TT3O33/
https://github.com/vim/vim/commit/c3d27ada14acd02db357f2d16347acc22cb17e93
Common Vulnerability Exposure (CVE) ID: CVE-2022-4293
https://huntr.dev/bounties/385a835f-6e33-4d00-acce-ac99f3939143
https://github.com/vim/vim/commit/cdef1cefa2a440911c727558562f83ed9b00e16b
Copyright: Copyright (C) 2023 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.