CVE-2019-12735 – Vim < 8.1.1365 / Neovim < 0.3.6 - Arbitrary Code Execution

https://notcve.org/view.php?id=CVE-2019-12735

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim. El archivo getchar.c en Vim anterior a versión 8.1.1365 y Neovim anterior a versión 0.3.6 permite a los atacantes remotos ejecutar comandos arbitrarios del sistema operativo por medio de: comando source! en el componente modeline, como es demostrado por la ejecución en Vim, y assert_fails o nvim_input en Neovim. It was found that the `:source! • https://www.exploit-db.com/exploits/46973 https://github.com/oldthree3/CVE-2019-12735-VIM-NEOVIM https://github.com/st9007a/CVE-2019-12735 https://github.com/datntsec/CVE-2019-12735 http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00037.html http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00034.html http://l • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •