Lucene search
PRIOn knowledge basePRION:CVE-2018-1000006HistoryJan 24, 2018 - 11:29 p.m.
Design/Logic Flaw
2018-01-2423:29:00
PRIOn knowledge base
www.prio-n.com
3
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16.
| CPE | Name | Operator | Version |
|---|---|---|---|
| electron | eq | 1.8.2 beta3 | |
| electron | eq | 1.8.2 beta2 | |
| electron | eq | 1.8.2 beta1 | |
| electron | le | 1.7.10 | |
| electron | le | 1.6.15 |
Related
threatpost
threatpost
veracode
veracode
Remote Code Execution (RCE)
2018-01-26 02:02:14
Remote Code Execution (RCE)
2018-03-08 09:54:05
cvelist
cvelist
CVE-2018-1000006
2018-01-24 23:00:00
CVE-2018-1000118
2022-10-03 16:21:59
thn
thn
Critical Flaw Hits Popular Windows Apps Built With Electron JS Framework
2018-01-24 01:26:00
zdi
zdi
nodejs
nodejs
Remote Code Execution
2018-01-23 18:40:39
cve
cve
CVE-2018-1000006
2018-01-24 23:29:00
CVE-2018-1000118
2022-10-03 16:21:59
packetstorm
packetstorm
Exodus Wallet (ElectronJS Framework) Remote Code Execution
2018-01-26 00:00:00
Exodus Wallet (ElectronJS Framework) Remote Code Execution
2018-03-29 00:00:00
checkpoint_advisories
checkpoint_advisories
Electron Protocol Handler Remote Code Execution (CVE-2018-1000006)
2018-01-25 00:00:00
github
github
Remote Code Execution in electron
2018-01-23 03:57:44
Electron protocol handler browser vulnerable to Command Injection
2018-03-26 16:41:20
osv
osv
Remote Code Execution in electron
2018-01-23 03:57:44
CVE-2018-1000118
2018-03-07 14:29:00
Electron protocol handler browser vulnerable to Command Injection
2018-03-26 16:41:20
nvd
nvd
CVE-2018-1000006
2018-01-24 23:29:00
CVE-2018-1000118
2018-03-07 14:29:00
prion
prion
Command injection
2018-03-07 14:29:00