backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
21 Nov 2024, 03:04
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/oss-sec/2017/q3/128 - Mailing List, Third Party Advisory | |
References | () http://www.debian.org/security/2017/dsa-3911 - Third Party Advisory | |
References | () http://www.securityfocus.com/bid/99597 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2017:2388 - Third Party Advisory | |
References | () https://bugzilla.gnome.org/show_bug.cgi?id=784630 - Issue Tracking, Third Party Advisory | |
References | () https://github.com/GNOME/evince/commit/717df38fd8509bf883b70d680c9b1b3cf36732ee - Issue Tracking, Patch, Third Party Advisory | |
References | () https://www.exploit-db.com/exploits/45824/ - Exploit, Third Party Advisory, VDB Entry | |
References | () https://www.exploit-db.com/exploits/46341/ - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2017-09-05 06:29
Updated : 2024-11-21 03:04
NVD link : CVE-2017-1000083
Mitre link : CVE-2017-1000083
CVE.ORG link : CVE-2017-1000083
JSON object : View
Products Affected
redhat
- enterprise_linux_desktop
- enterprise_linux_server_tus
- enterprise_linux_server_aus
- enterprise_linux_server_eus
- enterprise_linux_workstation
- enterprise_linux_server
debian
- debian_linux
gnome
- evince
CWE