An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This enables attackers for arbitrary command execution if the user clicks on a specially crafted URL. AKA: WINNOTE-19941.
References
Link | Resource |
---|---|
https://evernote.com/intl/zh-cn/security/updates/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2021-06-24 13:15
Updated : 2021-07-01 06:46
NVD link : CVE-2020-17759
Mitre link : CVE-2020-17759
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
microsoft
- windows_server_2008
- windows_7
- windows_10
evernote
- evernote