CNNVD-202509-2334 Information
CNNVD ID
CNNVD-202509-2334
Related CVE
- CNNVD Published: 2025-09-16
Description (Chinese)
GreenShot是GreenShot公司的一款适用于 Windows 的轻量级屏幕截图软件工具。 GreenShot 1.3.300及之前版本存在安全漏洞,该漏洞源于反序列化WM_COPYDATA消息中的攻击者控制数据时未经验证或身份验证,可能导致本地进程在相同完整性级别下触发任意代码执行。
Description (English)
GreenShot is a lightweight screenshot software tool for Windows from GreenShot. There is a security loophole in GreenShot 1.3.300 and earlier versions, which stems from the lack of authentication or authentication of the assailant ’ s control data in the back-sequencing WM COPYDATA message, which may result in local processes triggering arbitrary code execution at the same level of integrity.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
GreenShot
Published
2025-09-16
Last Modified
2026-02-24
References
https://github.com/greenshot/greenshot/security/advisories/GHSA-8f7f-x7ww-xx5w https://github.com/greenshot/greenshot/commit/f5a29a2ed3b0eb49231c0f4618300f488cf1b04d https://access.redhat.com/security/cve/cve-2025-59050
Patch
https://getgreenshot.org/downloads/
Share on: