Macvim: MacVim is vulnerable to arbitrary code execution via modelines (vim < 8.1.1365)

Created on 5 Jun 2019  路  4Comments  路  Source: macvim-dev/macvim

Vim before 8.1.1365 is vulnerable to arbitrary code execution via modelines by opening a specially crafted text file.

A detailed description of the issue was published here:
https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md

Although the original vulnerability was patched with 8.1.1365, I would suggest to update at least to vim 8.1.1368, as the follow-up patches add the new option :set modelineexpr as another mitigation for similar attacks.

Most helpful comment

Thanks for pointing out. Will update.

All 4 comments

Thanks for pointing out. Will update.

Updated to latest and pushed a release out. Closing.

The changelog for snapshot-156 incorrectly claims the vulnerability was fixed in Vim 8.1.265.

@lilyball Thanks for pointing that out. I fixed the typo in release page and the auto-updater's message.

Was this page helpful?
0 / 5 - 0 ratings