CVE-2019-13623

CVE-2019-13623

In NSA Ghidra through 9.0.4, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.

Source: CVE-2019-13623

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다