Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Tortoise. NOTE: this is only a vulnerability when a file extension is associated with TortoiseProc or TortoiseMerge, which is not the default.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tigris TortoiseSVN非信任搜索路径漏洞
Vulnerability Description
Tortoise SVN 是Subversion 版本控制系统的一个免费开源客户端,可以超越时间的管理文件和目录。 TortoiseSVN 1.6.10版本Build 19898以及早期版本中存在非信任搜索路径漏洞。本地用户也可能是远程攻击者可以借助与Tortoise生成的文件在相同文件夹下的dwmapi.dll木马执行任意代码和DLL劫持攻击。
CVSS Information
N/A
Vulnerability Type
N/A