TortoiseSVN

TortoiseSVN Remote Code Execution Vulnerability (CVE-2019-14422) Threat Alert

setembro 3, 2019

Overview

On August 13, local time, a researcher from a vulnerability laboratory (vxrl team) disclosed a remote code execution vulnerability (CVE-2019-14422) in TortoiseSVN.

The URI handler of TortoiseSVN (Tsvncmd:) allows a customized diff operation on Excel workbooks. This vulnerability could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. (mais…)

Search

Inscreva-se no Blog da NSFOCUS