6 matches found
GitHub: CVE-2023-22743 Git for Windows Installer Elevation of Privilege Vulnerability
...
Security Updates for Microsoft Visual Studio Products (March 2023)
The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Using a specially-crafted repository, Git prior to versions 2.39.2, 2.38.4, 2.37.6, 2.36.5, 2.35.7, 2.34.7, 2.33.7, 2.32.6, 2.31.7, and 2.30.8 can be tricked into using its...
CVE-2023-22743
creationtimestamp| type| source ---|---|--- 2023-02-15 00:35:48+00:00| seen| Telegram/9tuBH6VjmNNxuLPcQ8IbWhMkbTJw5n47rXTimWDgV94TPTg...
CVE-2023-22743 Git for Windows' installer is susceptible to DLL side loading attacks
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This...
CVE-2023-22743
Git for Windows prior to 2.39.2 is vulnerable to DLL side-loading: an attacker with local write access can place a malicious DLL next to the installer and trigger elevation during upgrades. Version 2.39.2 includes a fix. Workarounds mention not leaving untrusted files in the Downloads folder (or ...
CVE-2023-22743 Git for Windows' installer is susceptible to DLL side loading attacks
Git for Windows is the Windows port of the revision control system Git. Prior to Git for Windows version 2.39.2, by carefully crafting DLL and putting into a subdirectory of a specific name living next to the Git for Windows installer, Windows can be tricked into side-loading said DLL. This...