First published: Tue Aug 30 2022(Updated: )
An issue in the installer of gvim 9.0.0000 allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Vim Gvim | =9.0.0000 | |
Microsoft Windows |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-37173 is a vulnerability in the installer of gvim 9.0.0000 that allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe.
CVE-2022-37173 affects Vim Gvim 9.0.0000 by allowing authenticated attackers to execute arbitrary code using a binary hijacking attack on C:\Program.exe.
The severity of CVE-2022-37173 is high with a CVSS score of 7.8.
To fix the CVE-2022-37173 vulnerability, it is recommended to update gvim to a secure version that has addressed the issue.
You can find more information about CVE-2022-37173 at the following reference: [CVE-2022-37173](https://github.com/ycdxsb/Vuln/tree/main/Gvim-Installer-Vuln).