CVE List


Critical 7.8

In NSA Ghidra through 9.0.4, path traversal can occur in (from the package via an archive with an executable file that has an initial ../ in its filename. This allows attackers to overwrite arbitrary files in scenarios where an intermediate analysis result is archived for sharing with other persons. To achieve arbitrary code execution, one approach is to overwrite some critical Ghidra modules, e.g., the decompile module.

Published July 17, 2019.

Affected software

Nsa Ghidra

Reference links

Sign Up for Alerts