CVE-2019-13623

Source
https://nvd.nist.gov/vuln/detail/CVE-2019-13623
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-13623.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-13623
Published
2019-07-17T03:15:10Z
Modified
2025-01-14T07:40:48.115204Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
[none]
Details

In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java (from the package ghidra.app.plugin.core.archive) via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.

Affected packages

Git / github.com/nationalsecurityagency/ghidra

Affected ranges

Type
GIT
Repo
https://github.com/nationalsecurityagency/ghidra
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

Ghidra_9.*

Ghidra_9.0.1_build
Ghidra_9.0.2_build
Ghidra_9.0.3_build
Ghidra_9.0.4_build