Lucene search
GoogleOSV:CVE-2023-39150HistorySep 12, 2023 - 1:15 p.m.
CVE-2023-39150
2023-09-1213:15:07
Google
osv.dev
5
conemu
vulnerability
title response
sanitization
arbitrary code execution
incomplete fix
cve-2022-46387
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
Low
EPSS
0.003
Percentile
65.2%
ConEmu before commit 230724 does not sanitize title responses correctly for control characters, potentially leading to arbitrary code execution. This is related to an incomplete fix for CVE-2022-46387.
Related
cvelist
cvelist
CVE-2023-39150
2023-09-12 00:00:00
CVE-2022-46387
2023-03-28 00:00:00
nvd
nvd
CVE-2023-39150
2023-09-12 13:15:07
CVE-2022-46387
2023-03-28 20:15:10
prion
prion
Remote code execution
2023-09-12 13:15:00
Command injection
2023-03-28 20:15:00
cve
cve
CVE-2023-39150
2023-09-12 13:15:07
CVE-2022-46387
2023-03-28 20:15:10
vulnrichment
vulnrichment
CVE-2023-39150
2023-09-12 00:00:00
osv
osv
CVE-2022-46387
2023-03-28 20:15:10
veracode
veracode
Arbitrary Code Execution
2023-09-15 07:41:41
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8
Confidence
Low
EPSS
0.003
Percentile
65.2%
Related for OSV:CVE-2023-39150