PT-2019-15763 · Google Code · Iterm2

Publicado

2019-11-17

Atualizado

2019-11-19

CVE-2019-19022

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions iTerm2 versions prior to 3.3.7

Description The issue is related to potentially insufficient documentation about the presence of search history in com.googlecode.iterm2.plist. This might allow remote attackers to obtain sensitive information by searching for specific strings in .plist files within public Git repositories.

Recommendations For versions prior to 3.3.7, update to version 3.3.7 or later to ensure proper documentation and handling of search history in com.googlecode.iterm2.plist.

Exploit

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2019-19022

Produtos afetados

Iterm2

PT-2019-15763 · Google Code · Iterm2

CVE-2019-19022

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3