CRITICAL🇵🇱 Wersja polska

CVE-2023-50254

CVSS 9.3v3.1pub. 2023-12-22upd. 2024-11-21

Deepin Linux's default document reader `deepin-reader` software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution (RCE) can be achieved by overwriting files like .bash_rc, .bash_login, etc. RCE will be triggered when the user opens the terminal. Version 6.0.7 contains a patch for the issue.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:H
  • Deepin Reader

    APP
    Deepin
    < 6.0.7
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEPath Traversal
CWE
References

Related vulnerabilities

CVE-2023-50255CRITICAL9.3PL ✓ten sam vendor

Path traversal w Deepin-Compressor umożliwiający zdalne wykonanie kodu

CVE-2019-13226HIGH7.0ten sam vendor

deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename> in the Helper:...

CVE-2017-7622HIGH8.8ten sam vendor

dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privilege...

CVE-2019-13227MEDIUM5.5ten sam vendor

In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone.log as root, an...

CVE-2019-13228MEDIUM4.7ten sam vendor

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to download an ISO...