### [CVE-2023-3314](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3314)
![](https://img.shields.io/static/v1?label=Product&message=Enterprise%20Security%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%2011.6.3%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-78%20Improper%20Neutralization%20of%20Special%20Elements%20used%20in%20an%20OS%20Command%20('OS%20Command%20Injection')&color=brighgreen)
### Description
A vulnerability arises out of a failure to comprehensively sanitize the processing of zip file(s). Incomplete neutralization of external commands used to control the process execution of the .zip application allows an authorized user to obtain control of the .zip application to execute arbitrary commands or obtain elevation of system privileges.
### POC
#### Reference
- https://kcm.trellix.com/corporate/index?page=content&id=SB10403
#### Github
No PoCs found on GitHub currently.