CVE-2017-5953

vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.

Date published : 2017-02-10

http://www.securityfocus.com/bid/96217

https://github.com/vim/vim/commit/399c297aa93afe2c0a39e2a1b3f972aebba44c9d