CVE-2016-3105

Published: 09/05/2016 Updated: 01/07/2017
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

The convert extension in Mercurial prior to 3.8 might allow context-dependent malicious users to execute arbitrary code via a crafted git repository name.

Vulnerable Product

debian debian linux 8.0

mercurial mercurial

Vendor Advisories

Blake Burkhart discovered an arbitrary code execution flaw in Mercurial, a distributed version control system, when using the convert extension on Git repositories with specially crafted names. This flaw in particular affects automated code conversion services that allow arbitrary repository names. For the stable distribution (jessie), this problem ...
It was discovered that the Mercurial convert extension invoked Git in a way that could cause Git to interpret local repository name as remote repository URL. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository ...