ALAS2MATE-DESKTOP1.X-2024-007 --- atrilID: oval:org.secpod.oval:def:1702147 | Date: (C)2024-02-28 (M)2024-02-28 |
Class: PATCH | Family: unix |
Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6