Gnome » Evince : Security Vulnerabilities, CVEs, Published In 2017

CVE-2017-1000159

Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
Max CVSS
7.8
EPSS Score
0.06%
Published
2017-11-27
Updated
2019-10-03

CVE-2017-1000083

Public exploit
backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a "--" command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.
Max CVSS
7.8
EPSS Score
14.24%
Published
2017-09-05
Updated
2019-10-03
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close