CVE-2019-12735
NONE EPSS 97.0%
Published Jun 5, 2019 7y ago
Last Modified Jun 17, 2026 2w ago
Description
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
Threat Intelligence
EPSS Exploit Probability
97.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-78 OS Command Injection
Affected Products 2
References 32
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00031.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00036.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00037.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00034.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00050.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00075.html
- securityfocus.com http://www.securityfocus.com/bid/108724
- access.redhat.com https://access.redhat.com/errata/RHSA-2019:1619
- access.redhat.com https://access.redhat.com/errata/RHSA-2019:1774
- access.redhat.com https://access.redhat.com/errata/RHSA-2019:1793
- access.redhat.com https://access.redhat.com/errata/RHSA-2019:1947
- bugs.debian.org https://bugs.debian.org/930020
- bugs.debian.org https://bugs.debian.org/930024
- github.com https://github.com/neovim/neovim/pull/10082
- github.com https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
- github.com https://github.com/vim/vim/commit/53575521406739cf20bbe4e384d88e7dca11f040
- lists.debian.org https://lists.debian.org/debian-lts-announce/2019/08/msg00003.html
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BMDSHTF754TITC6AQJPCS5IRIDMMIM7/
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TRIRBC2YRGKPAWVRMZS4SZTGGCVRVZPR/
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2BMDSHTF754TITC6AQJPCS5IRIDMMIM7/
- lists.fedoraproject.org https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRIRBC2YRGKPAWVRMZS4SZTGGCVRVZPR/
- seclists.org https://seclists.org/bugtraq/2019/Jul/39
- seclists.org https://seclists.org/bugtraq/2019/Jun/33
- security.gentoo.org https://security.gentoo.org/glsa/202003-04
- support.f5.com https://support.f5.com/csp/article/K93144355
- support.f5.com https://support.f5.com/csp/article/K93144355?utm_source=f5support&%3Butm_medium=RSS
- support.f5.com https://support.f5.com/csp/article/K93144355?utm_source=f5support&utm_medium=RSS
- usn.ubuntu.com https://usn.ubuntu.com/4016-1/
- usn.ubuntu.com https://usn.ubuntu.com/4016-2/
- debian.org https://www.debian.org/security/2019/dsa-4467
- debian.org https://www.debian.org/security/2019/dsa-4487
- exploit-db.com https://www.exploit-db.com/exploits/46973
Remediation
- github.com https://github.com/neovim/neovim/pull/10082
- github.com https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
- github.com https://github.com/vim/vim/commit/53575521406739cf20bbe4e384d88e7dca11f040