CVE-2024-43790
CVSS 3.1 Score 4.5 of 10 (medium)
Details
Summary
CVE-2024-43790 is a vulnerability affecting the Vim open-source text editor, primarily when the search-count message display is disabled and right-left mode is enabled. The flaw occurs due to an overflow when accessing a message buffer that incorrectly reflects the length of a search pattern containing ASCII NUL characters. This vulnerability has a medium severity rating, with an exploitability score of 1.0, indicating a local attack vector requiring user interaction to exploit. Remediation has been implemented in Vim patch v9.1.0689, which should be applied to mitigate potential risks. If exploited, this vulnerability could lead to low integrity and confidentiality impacts within affected systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.