VULHUB ™

Nvi is an implementation of the vi text editor. English and multilingual versions of Nvi are prone to format string attacks. This is due to insufficient validation of externally supplied data to the routine that handles saved filenames. This issue has not been proven to be exploitable. However, if it can be exploited then it may be possible for the local attacker to execute arbitrary code and potentially elevate privileges on the host.

Nvi is an implementation of the vi text editor. English and multilingual versions of Nvi are prone to format string attacks. This is due to insufficient validation of externally supplied data to the routine that handles saved filenames. This issue has not been proven to be exploitable. However, if it can be exploited then it may be possible for the local attacker to execute arbitrary code and potentially elevate privileges on the host.