CVE-2017-11421

Name of the Vulnerable Software and Affected Versions gnome-exe-thumbnailer versions prior to 0.9.5

Description The issue is related to a VBScript Injection when generating thumbnails for MSI files. This can lead to a local attack if the victim uses the GNOME Files file manager and navigates to a directory containing a .msi file with VBScript code in its filename.

Recommendations For versions prior to 0.9.5, update to version 0.9.5 or later to resolve the issue. As a temporary workaround, consider avoiding the use of gnome-exe-thumbnailer for .msi files until a patch is applied. Restrict access to directories containing potentially malicious .msi files to minimize the risk of exploitation.