Security experts at
The RCE flaw tracked as CVE-2019-9535 was discovered as part of an independent security audit funded by the Mozilla Open Source Support Program (MOSS).
“A security audit funded by the Mozilla Open Source Support Program (MOSS) has discovered a critical security vulnerability in the widely used
The RCE vulnerability resides in the
The experts published a video PoC that shows how to exploit the vulnerability by producing output to the terminal. Possible attack vectors would be
“Typically, this vulnerability would require some degree of user interaction or trickery; but because it can be exploited via commands generally considered safe, there is a high degree of concern about the potential impact,” Mozilla concludes.
The iTerms2 version 3.3.6 addresses the flaw that
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.