Vim 9.1.1096 Memory Corruption via --log
CVE-2025-1215 Published on February 12, 2025
vim main.c memory corruption
A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update 1 day later.
Weakness Type
What is a Buffer Overflow Vulnerability?
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.
CVE-2025-1215 has been classified to as a Buffer Overflow vulnerability or weakness.
Products Associated with CVE-2025-1215
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2025-1215 are published in these products:
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.