Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 9 octobre 2019

VU#763073: iTerm2 with tmux integration is vulnerable to remote command execution

iTerm2 is a popular terminal emulator for macOS that supports terminal multiplexing using tmux integration and is frequently used by developers and system administrators. A vulnerability,identified as CVE-2019-9535,exists in the way that iTerm2 integrates with tmux's control mode,which may allow an attacker to execute arbitrary commands by providing malicious output to the terminal. This affects versions of iTerm2 up to and including 3.3.5.

Lien vers l'article source

Auteur: US Cert

Catégories: CertUSNombre de vues: 295


Événements SSI