CVE-2023-4751

Name of the Vulnerable Software and Affected Versions vim versions prior to 9.0.1331

Description The issue is related to a heap-based buffer overflow in the vim text editor, specifically concerning the utfc ptr2len() function, which can lead to an out-of-bounds operation in memory. Exploitation of this issue may allow an attacker to execute arbitrary code. A use-after-free issue was also addressed with improved memory management.

Recommendations For versions prior to 9.0.1331, update to version 9.0.1331 or later to resolve the issue. As a temporary workaround, consider disabling the utfc ptr2len() function until a patch is available. Restrict access to the vulnerable vim repository to minimize the risk of exploitation. Avoid using the vulnerable function in the affected vim versions until the issue is resolved.