PT-2018-9198 · Microsoft+2 · Windows 2008+4
Wflki
·
Published
2018-01-23
·
Updated
2023-10-05
·
CVE-2018-1000006
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
GitHub Electron versions 1.8.2-beta.3 and earlier
GitHub Electron versions 1.7.10 and earlier
GitHub Electron versions 1.6.15 and earlier
Description:
The issue is related to a vulnerability in the protocol handler of Electron apps running on Windows 10, 7, or 2008. If an Electron application registers a custom protocol handler, it can be tricked into arbitrary command execution when a user clicks on a specially crafted URL. This vulnerability is caused by a failure to sanitize additional arguments to Chromium in the command line handler for Electron. The estimated number of potentially affected devices is not provided.
Recommendations:
For GitHub Electron versions 1.8.2-beta.3 and earlier, update to version 1.8.2-beta.4 or later.
For GitHub Electron versions 1.7.10 and earlier, update to version 1.7.11 or later.
For GitHub Electron versions 1.6.15 and earlier, update to version 1.6.16 or later.
If updating is not possible, append
-- as the last argument when calling app.setAsDefaultProtocolClient to prevent Chromium from parsing further options. For example:app.setAsDefaultProtocolClient(protocol, process.execPath, [
'--your-switches-here',
'--'
])Exploit
Fix
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Chromium
Github Electron
Windows 10
Windows 2008
Windows 7