Main Vulnerability Database Vulnerabilities #VU35631

#VU35631 Security Features in TortoiseSVN - CVE-2019-14422

Published: August 15, 2019 / Updated: June 17, 2021

Vulnerability identifier: #VU35631

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber

CVE-ID: CVE-2019-14422

CWE-ID: CWE-254

Exploitation vector: Remote access

Exploit availability: Public exploit is available

Vulnerable software:
TortoiseSVN

Software vendor:
The TortoiseSVN team

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus in a network drive, and force the victim to open the workbooks and execute the macro inside.

Remediation

Install update from vendor's website.

#VU35631 Security Features in TortoiseSVN - CVE-2019-14422

Description

Remediation

External links

Please verify you're human