CVE-2019-10038

Sažetak

Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file.

Reference

https://drive.google.com/file/d/1cmWixK1vAh7oZ2y3Y3ZtVeSoTRp8c1Ts/view?usp=sharing
https://evernote.com/security/updates
https://www.inputzero.io/2019/04/evernote-cve-2019-10038.html

CVSS

Base:	4.4
Impact:	6.4
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-05-2020 - 17:38

Objavljeno

31-05-2019 - 22:29