PT-2019-14935 · Simon Tatham+2 · Putty+3

Published

2019-09-30

·

Updated

2024-06-15

·

CVE-2019-17068

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions PuTTY versions prior to 0.73 opensuse leap (affected versions not specified)
Description The issue concerns a protection mechanism mishandling in PuTTY, potentially allowing malicious clipboard content to affect a session. There is also a mention of a vulnerability in opensuse leap, related to PuTTY.
Recommendations For PuTTY versions prior to 0.73, update to version 0.73 or later to resolve the issue. For opensuse leap, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

ALT-PU-2019-2805
ALT-PU-2021-1860
ALT-PU-2023-4867
CVE-2019-17068
MGASA-2020-0003
OPENSUSE-SU-2019:2276-1
OPENSUSE-SU-2019:2277-1
OPENSUSE-SU-2019:2292-1
OPENSUSE-SU-2019_2276-1
OPENSUSE-SU-2019_2277-1
OPENSUSE-SU-2024:11201-1

Affected Products

Alt Linux
Putty
Suse
Opensuse Leap