- Vulnerability/
- USN-4309-1
USN-4309-1: Vim vulnerabilities
First published: Mon Mar 23 2020(Updated: )
It was discovered that Vim incorrectly handled certain sources. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS (CVE-2017-11109) It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. (CVE-2017-5953) It was discovered that Vim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.06 LTS. (CVE-2018-20786) It was discovered that Vim incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-20079) It was discovered that Vim incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2017-6349, CVE-2017-6350)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/vim | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Ubuntu | =19.10 | |
| All of | ||
| ubuntu/vim-common | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Ubuntu | =19.10 | |
| All of | ||
| ubuntu/vim-gui-common | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Ubuntu | =19.10 | |
| All of | ||
| ubuntu/vim-runtime | <2:8.1.0875-5ubuntu2.1 | 2:8.1.0875-5ubuntu2.1 |
| Ubuntu Ubuntu | =19.10 | |
| All of | ||
| ubuntu/vim | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/vim-common | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:8.0.1453-1ubuntu1.3 | 2:8.0.1453-1ubuntu1.3 |
| Ubuntu Ubuntu | =18.04 | |
| All of | ||
| ubuntu/vim | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/vim-common | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:7.4.1689-3ubuntu1.4 | 2:7.4.1689-3ubuntu1.4 |
| Ubuntu Ubuntu | =16.04 | |
| All of | ||
| ubuntu/vim | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/vim-common | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:7.4.052-1ubuntu3.1+esm1 | 2:7.4.052-1ubuntu3.1+esm1 |
| Ubuntu Ubuntu | =14.04 | |
| All of | ||
| ubuntu/vim | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Ubuntu | =12.04 | |
| All of | ||
| ubuntu/vim-common | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Ubuntu | =12.04 | |
| All of | ||
| ubuntu/vim-gui-common | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Ubuntu | =12.04 | |
| All of | ||
| ubuntu/vim-runtime | <2:7.3.429-2ubuntu2.3 | 2:7.3.429-2ubuntu2.3 |
| Ubuntu Ubuntu | =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2017-11109
- https://ubuntu.com/security/CVE-2017-5953
- https://ubuntu.com/security/CVE-2017-6349
- https://ubuntu.com/security/CVE-2017-6350
- https://ubuntu.com/security/CVE-2018-20786
- https://ubuntu.com/security/CVE-2019-20079
- https://ubuntu.com/security/notices/USN-4016-1
- https://launchpad.net/ubuntu/+source/vim/2:8.1.0875-5ubuntu2.1
- https://launchpad.net/ubuntu/+source/vim/2:8.0.1453-1ubuntu1.3
- https://launchpad.net/ubuntu/+source/vim/2:7.4.1689-3ubuntu1.4
- https://launchpad.net/ubuntu/+source/vim/2:7.4.052-1ubuntu3.1+esm1
- https://launchpad.net/ubuntu/+source/vim/2:7.3.429-2ubuntu2.3
- https://ubuntu.com/security/notices/USN-4309-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
- agent/type
- agent/severity
- agent/last-modified-date
- agent/first-publish-date
- agent/title
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/usn
- source/Ubuntu
- anchor-related/USN-4016-1
- agent/software-canonical-lookup
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/19.10
- version/ubuntu ubuntu/18.04
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04
- version/ubuntu ubuntu/12.04