Arbitrary Code Execution in Sourcetree for Mac

XMLWordPrintable

    • Type: Public Security Vulnerability
    • Resolution: Fixed
    • Priority: Low
    • 4.2.12
    • Affects Version/s: 4.2.8, 4.2.9, 4.2.10, 4.2.11
    • Component/s: None
    • None
    • 5.9
    • Bug Bounty
    • Karmaz95
    • CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:H/SI:H/SA:L
    • PrivEsc (Privilege Escalation)
    • Sourcetree for Mac

      Sourcetree for Mac versions after 4.2.7 and before 4.2.12 allow an attacker with local access to the machine on which it is installed to execute arbitrary code in the context of any user running the application.

              Assignee:
              Pratap Guvvala
              Reporter:
              David Detweiler
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: