Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Uncontrolled search path #16

Closed
Zero871015 opened this issue Jul 30, 2021 · 1 comment
Closed

Uncontrolled search path #16

Zero871015 opened this issue Jul 30, 2021 · 1 comment

Comments

@Zero871015
Copy link

Zero871015 commented Jul 30, 2021
edited
Loading

Describe

If there is a file named "cmd.exe" located at Meteoinfo's working directory, when we run Meteoinfo, the file will be executed.

How To Reproduce

  1. Copy "calc.exe" to the folder of Meteoinfoand rename to "cmd.exe" (Just for test).
  2. Execute "MeteoInfoLab.exe"
  3. Your "calc.exe"(cmd.exe) is executed.
    image
    image

Here is demo.

CVE-2019-17664

I was working on CVE-2019-17664, and it indicates that the problem is on Jython not Ghidra.
Jython already raised the issue to fix it on next version(Jython 2.7.3), but for now is only 2.7.2.
I just that you know the Jython exploits, you can fix it yourself or wait Jython patch.

Environment

  • OS: Windows 10 x64
  • Version: MeteoInfoLab 3.1.0
@Yaqiang
Copy link
Contributor

Yaqiang commented Aug 4, 2021

Thanks for this issue report!

@Yaqiang Yaqiang closed this as completed Mar 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Yaqiang @Zero871015