Code execution flaw found in older versions of Vim and Neovim


A security researcher has discovered an arbitrary code execution flaw in the popular text editors Vim and Neovim. The vulnerability affects older versions of the two applications.

In a tweet, the researcher said that the vulnerability stems from a feature known as ‘modelines’ in the applications, which could enable attackers to execute arbitrary code and gain remote control over compromised systems. The flaw, tracked as CVE-2019-12735, results from a fault in getchar.c that allows remote attackers to execute arbitrary code through the ‘:source!’ command in a modeline. It affects Vim versions prior to 8.1.1365 and Neovim versions prior to 0.3.6. The researcher has also released two proof-of-concept (PoC) exploits for this vulnerability. One of the exploits shows an attack scenario in which a reverse shell is executed when a user opens a malicious file in either of these applications, giving the remote attacker access to the system.

The researcher has advised other countermeasures such as disabling modelines, using a plugin called ‘securemodelines’, or disabling the ‘modelineexpr’ option for modelines. Since Vim and Neovim are pre-installed on most Linux-based operating systems, Linux users are more prone to RCE attacks due to this flaw. Thus, they are advised to apply the patches available for the two applications.
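To check an installed editor against the fixed versions named above, the following sketch parses the text printed by `vim --version` or `nvim --version`. It is an added example, not code from the researcher or either project; the function names and sample banners are constructed for illustration.

```python
import re

# Fixed releases as stated in the article for CVE-2019-12735.
VIM_FIXED = (8, 1, 1365)   # Vim 8.1 with patch 1365 included
NVIM_FIXED = (0, 3, 6)

def included_patches(spec):
    """Expand text such as '1-875, 878, 1365-1368' into a set of patch numbers."""
    found = set()
    for part in re.findall(r"\d+(?:-\d+)?", spec):
        lo, _, hi = part.partition("-")
        found.update(range(int(lo), int(hi or lo) + 1))
    return found

def is_patched(version_output):
    """True if the banner shows a fixed release, False if not, None if unrecognised."""
    nvim = re.search(r"^NVIM v(\d+)\.(\d+)\.(\d+)", version_output, re.M)
    if nvim:
        return tuple(map(int, nvim.groups())) >= NVIM_FIXED
    vim = re.search(r"^VIM - Vi IMproved (\d+)\.(\d+)", version_output, re.M)
    if not vim:
        return None
    release = tuple(map(int, vim.groups()))
    if release != VIM_FIXED[:2]:
        return release > VIM_FIXED[:2]
    # Same 8.1 release line: the fix is present only if patch 1365 is listed.
    # Distribution builds may list non-contiguous patches, so expand the ranges
    # instead of reading only the highest number.
    patches = re.search(r"^Included patches: (.+)$", version_output, re.M)
    return bool(patches) and VIM_FIXED[2] in included_patches(patches.group(1))

# Constructed sample banners (not captured from real hosts).
SAMPLES = {
    "vim 8.1 without 1365": "VIM - Vi IMproved 8.1 (2018 May 18)\nIncluded patches: 1-875, 878, 884\n",
    "vim 8.1 with 1365": "VIM - Vi IMproved 8.1 (2018 May 18)\nIncluded patches: 1-875, 1365-1368\n",
    "nvim 0.3.4": "NVIM v0.3.4\nBuild type: Release\n",
    "nvim 0.3.8": "NVIM v0.3.8\nBuild type: Release\n",
}

if __name__ == "__main__":
    for name, banner in SAMPLES.items():
        print(f"{name}: patched={is_patched(banner)}")
```

A `False` result means the banner does not show the upstream fix; a distribution may have backported it under its own package revision, so confirm against the vendor advisory before treating the host as exposed.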
