Vulnerabilities > CVE-2019-14422 - Unspecified vulnerability in Tortoisesvn 1.12.1

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
tortoisesvn
exploit available

Summary

An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI handler allows a customised diff operation on Excel workbooks, which could be used to open remote workbooks without protection from macro security settings to execute arbitrary code. A tsvncmd:command:diff?path:[file1]?path2:[file2] URI will execute a customised diff on [file1] and [file2] based on the file extension. For xls files, it will execute the script diff-xls.js using wscript, which will open the two files for analysis without any macro security warning. An attacker can exploit this by putting a macro virus in a network drive, and force the victim to open the workbooks and execute the macro inside.

Vulnerable Configurations

Part Description Count
Application
Tortoisesvn
1

Exploit-Db

idEDB-ID:47252
last seen2019-08-14
modified2019-08-14
published2019-08-14
reporterExploit-DB
sourcehttps://www.exploit-db.com/download/47252
titleTortoiseSVN 1.12.1 - Remote Code Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/154038/VL-2188.txt
idPACKETSTORM:154038
last seen2019-08-15
published2019-08-13
reporterPingFanZettaKe
sourcehttps://packetstormsecurity.com/files/154038/TortoiseSVN-1.12.1-Remote-Code-Execution.html
titleTortoiseSVN 1.12.1 Remote Code Execution

Vulner Lab

idVULNERLAB:2188
last seen2019-08-29
modified2019-08-13
published2019-08-13
reporterPingFanZettaKe [VXRL Team] - https://www.vulnerability-lab.com/show.php?user=PingFanZettaKe
sourcehttp://www.vulnerability-lab.com/get_content.php?id=2188
titleTortoiseSVN v1.12.1 - Remote Code Execution Vulnerability