tanigawa https://blog.hatena.ne.jp/tanigawa/ TT 脆弱性 Blog https://vul.hatenadiary.com/ 脆弱性: ヒープオーバーフロー アプリ: Vim CVE-2022-0318 【概要】■起動方法 ./vim -u NONE -X -Z -e -s -S poc3 -c :qa! 【公開情報】 ◆Heap-based Buffer Overflow in vim/vim (huntr, 2022/01/18) https://huntr.dev/bounties/0d10ba02-b138-4e68-a284-67f781a62d08/ 【PoC】 ◆POC3(huntr) https://drive.google.com/file/d/1ul9vLKyeXUVxx8MOeW02FCBvAn6INySq/view?usp=sharing 190 <iframe src="https://hatenablog-parts.com/embed?url=https%3A%2F%2Fvul.hatenadiary.com%2Fentry%2F2022%2F01%2F18%2F000000" title="Heap-based Buffer Overflow in vim/vim - TT 脆弱性 Blog" class="embed-card embed-blogcard" scrolling="no" frameborder="0" style="display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;"></iframe> Hatena Blog https://hatena.blog 2022-01-18 00:00:00 rich https://vul.hatenadiary.com/entry/2022/01/18/000000 1.0 100%