Electron CVE-2018-1000136 Remote Code Execution Vulnerability
BID:104159
Info
Electron CVE-2018-1000136 Remote Code Execution Vulnerability
| Bugtraq ID: | 104159 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2018-1000136 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 23 2018 12:00AM |
| Updated: | Mar 23 2018 12:00AM |
| Credit: | Brendan Scarvell |
| Vulnerable: |
Electron Electron 2.0 Electron Electron 1.8.3 Electron Electron 1.8.1 Electron Electron 1.8 Electron Electron 1.7.12 Electron Electron 1.7.11 Electron Electron 1.7.10 Electron Electron 1.7 Electron Electron 2.0.0-beta.3 Electron Electron 1.8.2-beta.4 Electron Electron 1.8.2-beta.3 Electron Electron 1.8.2-beta.1 |
| Not Vulnerable: |
Electron Electron 1.8.4 Electron Electron 1.7.13 Electron Electron 2.0.0-beta.4 |
Discussion
Electron CVE-2018-1000136 Remote Code Execution Vulnerability
Electron is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.
Electron 1.7 through 1.7.12, 1.8 through 1.8.3, and 2.0.0 through 2.0.0-beta.3 are vulnerable.
Electron is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with in the context of the affected application. Failed exploit attempts may result in a denial-of-service condition.
Electron 1.7 through 1.7.12, 1.8 through 1.8.3, and 2.0.0 through 2.0.0-beta.3 are vulnerable.
Exploit / POC
Electron CVE-2018-1000136 Remote Code Execution Vulnerability
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.