PT-2016-7718 · Git · Git
Mattymcfatty
·
Published
2016-11-11
·
Updated
2020-08-13
·
CVE-2016-9274
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Git versions 1.x
Description
The issue allows local users to gain privileges through a Trojan horse git.exe file in the current working directory due to an untrusted search path vulnerability.
Recommendations
For Git version 1.x, consider updating to a version that is not affected by this issue, such as Git 2.x, to resolve the problem.
Exploit
Fix
Untrusted Search Path
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Git