Oval Definition:
oval:com.ubuntu.cosmic:def:2019127350000000
Revision Date
:
2019-06-05
Version
:
1
Title
:
CVE-2019-12735 on Ubuntu 18.10 (cosmic) - medium.
Description
:
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2019-12735
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
Package Information
neovim package in cosmic was vulnerable but has been fixed (note: '0.3.1-1ubuntu0.1').
OR
vim package in cosmic was vulnerable but has been fixed (note: '2:8.0.1766-1ubuntu1.1').
BACK