4 matches found
CVE-2023-46116
creationtimestamp| type| source ---|---|--- 2023-12-28 23:16:41+00:00| seen| https://t.me/ctinow/160231...
CVE-2023-46116 Remote Code Execution via insufficiently sanitized call to shell.openExternal
Tutanota Tuta Mail is an encrypted email provider. Tutanota allows users to open links in emails in external applications. Prior to version 3.118.12, it correctly blocks the file: URL scheme, which can be used by malicious actors to gain code execution on a victims computer, however fails to chec...
CVE-2023-46116 Remote Code Execution via insufficiently sanitized call to shell.openExternal
Tutanota Tuta Mail is an encrypted email provider. Tutanota allows users to open links in emails in external applications. Prior to version 3.118.12, it correctly blocks the file: URL scheme, which can be used by malicious actors to gain code execution on a victims computer, however fails to chec...
CVE-2023-46116
The CVE affects Tutanota (Tuta Mail) when opening links in emails in external applications. Before update, it blocks file: but does not sufficiently validate other URL schemes (e.g., ftp:, smb:), which can lead to code execution on a victim’s machine if the user interacts with a malicious link. T...