Serious security bug in the Vim editor.


Lovers of text editors everywhere breathed a sigh of relief this week when the open source community fixed a bug in one of the most venerable *nix programs: Vim.

The battle between Vim's predecessor, Vi, and its rival text editor, Emacs, dates back to 1976, when both were released. They have since become almost religions in a hackers' holy war.

Richard Stallman, who wrote Emacs, famously announced the Church of Emacs, with himself as its saint. Pagans can choose the Cult of Vi, although Vim (Vi Improved) was launched in 1981 with new features and has become the de facto program people mean when they refer to Vi.

Proponents of each side take shots at the other, but if you want god-like control over your text editor compared to modern mass-market word processors, both will serve you well, and it is all in good fun.

This week, however, a researcher found a dangerous flaw in Vim. Armin Razmjou (@rawsec) discovered a high-severity bug in the text editor that could allow a remote attacker to escape the editor's sandbox and execute arbitrary code on the host machine.

The attack exploits a vulnerability in a Vim feature called modelines, which lets you set variables specific to a file. As long as these statements are in the first lines of the file, Vim interprets them as instructions. They can tell Vim to display the file with a text width of 60 characters, for example. Or maybe you want to expand tabs to spaces to avoid the wrath of another geek.
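Added example (not code from Razmjou or the Vim project): a triage script that parses modelines in the lines Vim inspects and lists every option outside a small layout allowlist. It goes slightly beyond the text by also checking the last lines of the file, which Vim reads as well; the allowlist, function names and sample file are assumptions of this example, and only the `vim:` and `vim: set ...:` forms are handled.

```python
import re

# Layout-only options accepted without comment (allowlist chosen for this example).
BENIGN = {"textwidth", "tw", "expandtab", "et", "tabstop", "ts",
          "shiftwidth", "sw", "softtabstop", "sts"}
# "vi:", "vim:" or "ex:" at line start or after whitespace; the rest is the body.
MODELINE = re.compile(r"(?:^|\s)(?:vi|[vV]im(?:[<=>]?\d+)?|ex):\s*(.*)$")
# "set opt opt:" form: options end at the first unescaped ':'. A missing
# closing ':' is tolerated here so that nothing is hidden from the report.
SET_FORM = re.compile(r"^set?\s+(.*?)(?:(?<!\\):|$)")

def parse_modeline(line):
    """Return the option strings in a modeline, or None if the line has none."""
    m = MODELINE.search(line)
    if not m:
        return None
    body = m.group(1)
    s = SET_FORM.match(body)
    if s:   # second form: whitespace-separated, trailing text ignored
        parts = s.group(1).split()
    else:   # first form: separated by ':' or whitespace
        parts = re.split(r"(?<!\\)[:\s]+", body)
    return [p for p in parts if p]

def option_name(opt):
    """'tw=60' -> 'tw'; 'noet' -> 'et' (negated form of an allowlisted option)."""
    name = re.match(r"[A-Za-z]*", opt).group(0)
    for prefix in ("no", "inv"):
        if name.startswith(prefix) and name[len(prefix):] in BENIGN:
            return name[len(prefix):]
    return name

def scan(text, modelines=5):
    """Return [(line_number, [options outside the allowlist])]."""
    lines = text.splitlines()
    window = set(range(min(modelines, len(lines))))
    window |= set(range(max(len(lines) - modelines, 0), len(lines)))
    findings = []
    for i in sorted(window):
        opts = parse_modeline(lines[i])
        odd = [o for o in opts or [] if option_name(o) not in BENIGN]
        if odd:
            findings.append((i + 1, odd))
    return findings

# Constructed sample: a harmless modeline on line 1, an unreviewed one on the last line.
SAMPLE = "# vim: set tw=60 et:\n" + "text\n" * 10 + "# vim: ts=4:spell:number\n"

if __name__ == "__main__":
    for line_no, odd in scan(SAMPLE):
        print(f"line {line_no}: options outside allowlist: {odd}")
```

Setting `nomodeline` in your vimrc makes Vim skip modelines entirely.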

Vim is a powerful text editor that includes many scripting commands, so it is careful about what modelines can run. It runs many commands in a sandbox to prevent someone malicious from creating text files that can alter the system. Razmjou discovered a way to make those commands execute outside the sandbox.

An attacker can use this technique to make the victim's computer do anything, simply by persuading the victim to open the file. Razmjou demonstrated it with two proof-of-concept programs.

Fortunately, Vim worshippers everywhere can rejoice, because the bug has been cast out. Razmjou notified the maintainers of both projects about the bug on May 22, 2019. The Vim community patched it the next day, and the Neovim community did so one week after notification. The flaw has the identifier CVE-2019-12735, and NIST gives it a vulnerability rating of 8.6 (high) under CVSS 3.0.


If you have not received an update that fixes the bug for your operating system, we strongly recommend that you remove Vim from your system until the update is available, or until you can install a clean copy with the vulnerability removed. Instructions here.
