[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

[3.6] evince: command injection via filename in tar-compressed comics archive (CVE-2017-1000083)

ID: oval:org.secpod.oval:def:1800828Date: (C)2018-03-28   (M)2022-08-31
Class: PATCHFamily: unix




The comic book backend in evince 3.24.0 is vulnerable to a commandinjection bug that can be used to execute arbitrary commands when a cbtfile is opened.

Platform:
Alpine Linux 3.6
Product:
evince
Reference:
7545
CVE-2017-1000083
CVE    1
CVE-2017-1000083
CPE    2
cpe:/a:gnome:evince
cpe:/o:alpinelinux:alpine_linux:3.6

© SecPod Technologies