ConEmu before commit 230724 does not sanitize title responses correctly for control characters, potentially leading to arbitrary code execution. This is related to an incomplete fix for CVE-2022-46387.
References
Link | Resource |
---|---|
https://gist.github.com/dgl/081cf503dc635df39d844e058a6d4c88 | Third Party Advisory |
https://github.com/Maximus5/ConEmu/commit/60683a186628ffaa7689fcb64b3c38ced69287c1 | Patch |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-12T00:00:00
Updated: 2023-09-12T12:05:08.438746
Reserved: 2023-07-25T00:00:00
Link: CVE-2023-39150
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-09-12T13:15:07.897
Modified: 2023-10-05T13:14:16.257
Link: CVE-2023-39150
JSON object: View
Redhat Information
No data.
CWE