CVE-2023-34634 – GreenShot 1.2.10 - Insecure Deserialization Arbitrary Code Execution

https://notcve.org/view.php?id=CVE-2023-34634

31 Jul 2023 — Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened. Greenshot 1.2.10 y versiones anteriores permiten la ejecución de código arbitrario porque el contenido .NET se deserializa de forma insegura cuando se abre un archivo .greenshot. There exists a .NET deserialization vulnerability in Greenshot versions 1.3.274 and below. The deserialization allows the execution of commands when a user opens a Greenshot file. The commands... • https://packetstorm.news/files/id/173825 •