PT-2017-3346 · Gnome+5 · Gnome Evince+5

Felix Wilhelm

Publicado

2017-07-13

Atualizado

2024-06-15

CVE-2017-1000083

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions GNOME Evince versions prior to 3.24.1

Description The issue allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring. This can be demonstrated by a filename starting with --checkpoint-action=exec=bash at the beginning of the filename. The vulnerability is related to the failure to neutralize special elements used in a command.

Recommendations For versions prior to 3.24.1, update to version 3.24.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of .cbt files that are TAR archives containing filenames starting with the "--" command-line option substring. Restrict access to the comic book backend to minimize the risk of exploitation.

Exploit

Correção

Command Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-77

Identificadores relacionados

ALT-PU-2017-1881

ALT-PU-2017-1935

BDU:2018-00111

CESA-2017_2388

CVE-2017-1000083

DLA-1031-1

DSA-3911-1

DSA-3916-1

MGASA-2017-0244

MGASA-2017-0251

OPENSUSE-SU-2017_1933-1

OPENSUSE-SU-2017_3431-1

OPENSUSE-SU-2024:10742-1

RHSA-2017:2388

RHSA-2017_2388

SUSE-SU-2017:1893-1

SUSE-SU-2017:1894-1

SUSE-SU-2017:2390-1

SUSE-SU-2017:3428-1

SUSE-SU-2017_1893-1

SUSE-SU-2017_1894-1

SUSE-SU-2017_2390-1

SUSE-SU-2017_3428-1

USN-3351-1

Produtos afetados

Alt Linux

Centos

Gnome Evince

Red Hat

Suse

Ubuntu

PT-2017-3346 · Gnome+5 · Gnome Evince+5

CVE-2017-1000083

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 44