CVE-2015-9231

Name of the Vulnerable Software and Affected Versions iTerm2 versions 3.0.0 through 3.1.1 iTerm2 version 2.9.20150717 and other unreleased 2.9.x versions

Description The issue allows remote attackers to discover passwords by reading DNS queries. A feature added to iTerm2 version 3.0.0 and some unreleased 2.9.x versions sends text under the cursor or selected text as an unencrypted DNS query to check if it is a URL. This results in a potential information disclosure, where passwords and other sensitive information can be sent in cleartext without the user's awareness.

Recommendations For iTerm2 versions 3.0.0 through 3.1.1, update to version 3.1.1 or later to resolve the issue. For iTerm2 version 2.9.20150717 and other unreleased 2.9.x versions, consider disabling the feature that sends DNS queries for text under the cursor or selected text until a patched version is available.