Wednesday, 17 April 2019

Code execution - Evernote

Summary:
A local file path traversal issue exists in Evernote 7.9 for macOS which allows an attacker to execute arbitrary programs.



Technical observation:
A crafted URI can be used in a note to perform this attack using file:/// as an argument or by traversing to any directory like
(../../../../something.app).

Since Evernote also has a feature of sharing notes, in such a case an attacker could leverage this vulnerability and send crafted notes (.enex) to the victim to perform further attacks.

Patch:
A patch for this issue was released in Evernote 7.10 Beta 1 and 7.9.1 GA for macOS [MACOSNOTE-28840]. CVE-2019-10038 was assigned to this issue.
Share:

0 coment�rios:

Post a comment