Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor

Mohit Kumar | June 10, 2019

Your Linux Can Get Hacked Just by Opening a File in Vim or Neovim Editor
If you haven't recently updated your Linux operating system, especially the command-line text editor utility, do not even try to view the content of a file using Vim or Neovim. Security researcher Armin Razmjou recently discovered a high-severity arbitrary OS command execution vulnerability (CVE-2019-12735) in Vim and Neovim—two most popular and powerful command-line text editing applications that come pre-installed with most Linux-based operating systems. On Linux systems, Vim editor allows users to create, view or edit any file, including text, programming scripts, and documents. Since Neovim is just an extended forked version of Vim, with better user experience, plugins and GUIs, the code execution vulnerability also resides in it. Razmjou discovered a flaw in the way Vim editor handles "modelines," a feature that's enabled-by-default to automatically find and apply a set of custom preferences mentioned by the creator of a file near the starting and ending lines in the document.

Spotlight

Description: An incident response plan allows or your organization to launch a mitigation effort against a cyber attack, but it opens a door that leads to a landscape of land mines. Being successful at managing an incident requires knowing exactly where the land mines are hidden so you can avoid mak


Other News

Thought leaders come together to discuss the futureof developer relations in a remote-first world

SlashData | September 19, 2020

For immediate release London, United Kingdom Media contact at SlashData Ltd. Viktorija Ignataviciute viktorija@slashdata.co Best practises engaging Open Source and DevOps developers Developer trends; Tracking Covid effect on the industry While industries, businesses and individuals are being challenged significantly, the Future Developer Summit

Read More

SALESFORCE LAUNCHES NEW HYBRID CMS PLATFORM 'SALESFORCE CMS

DECK7 | November 12, 2019

Demand owns content, and with the release of 'Salesforce CMS', it’s clear that Salesforce is putting the control squarely with demand, not to mention delighting the creative marketer with more power through additional tools for creating content that are expected to work well right out of the box (er… cloud). Customers have become accustomed to consuming content across multiple channels and platforms which requires marketers to provide for seamless integration of their content. Enterprises have always been challenged by using multiple systems for their content management. Salesforce CMS addresses these common content challenges and promises more....

Read More

DECK 7 INTERVIEWS SANGRAM VAJRE, CO-FOUNDER & CHIEF EVANGELIST AT TERMINUS

DECK7 | January 13, 2020

DECK 7 is proud to present an exciting interview with the Co-Founder & Chief Evangelist at Terminus, Sangram Vajre. He is an author, keynote speaker, 3x CMO, host of the daily #FlipMyFunnel podcast, entrepreneur and category maker. Sangram has been a driving force behind the success of Terminus and building the ABM subcategory of marketing technology. Before co-founding Terminus, Sangram was Head of Marketing at Pardot through its acquisition by ExactTarget and then Salesforce. A contributing columnist for Inc., he wrote the book, "Account-Based Marketing For Dummies" and is the mastermind behind #FlipMyFunnel, a B2B podcast series that has now over 500 episodes and continues t...

Read More

DECK 7 FRAMEWORK FOR DIGITAL™ REDEFINES ITS B2B MODEL FOR 2020 LEAD-GEN GOALS

DECK7 | January 20, 2020

DECK 7 Inc., a top lead generation company based in San Diego, California, has gone beyond its peers and competitors in their digital marketing efforts for 2020. An esteemed digital marketing and media company, known for executing campaign management and content services to its clients and partners worldwide, DECK 7 has built a comprehensive system to track buyers and influencers, build behavioral models, and putting all the vast intelligence it generates into the hands of its marketing partners. The DECK 7 Framework For Digital™ is the outcome of several years of working together with some of the most innovative and successful companies in the world, and is based on the...

Read More

Spotlight

Description: An incident response plan allows or your organization to launch a mitigation effort against a cyber attack, but it opens a door that leads to a landscape of land mines. Being successful at managing an incident requires knowing exactly where the land mines are hidden so you can avoid mak

Resources

Events