Download
| Alert*
[3.6] evince: command injection via filename in tar-compressed comics archive (CVE-2017-1000083)
The comic book backend in evince 3.24.0 is vulnerable to a commandinjection bug that can be used to execute arbitrary commands when a cbtfile is opened.
|