CVE-2020-17759

An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This enables attackers for arbitrary command execution if the user clicks on a specially crafted URL. AKA: WINNOTE-19941.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:evernote:evernote:6.17.7:*:*:*:*:windows:*:*
cpe:2.3:a:evernote:evernote:6.18:beta2:*:*:*:windows:*:*
OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:*:*:*:*:*:*:*

Information

Published : 2021-06-24 13:15

Updated : 2021-07-01 06:46


NVD link : CVE-2020-17759

Mitre link : CVE-2020-17759


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

microsoft

  • windows_server_2008
  • windows_7
  • windows_10

evernote

  • evernote