ALT-PU-2017-2220-1
Closed vulnerabilities
Published: 2017-11-27
BDU:2020-01828
Уязвимость программного средства просмотра документов Evince, связанная с непринятием мер по нейтрализации специальных элементов, позволяющая нарушителю выполнить произвольные команды
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2017-11-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-1000159
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
Severity: HIGH (7.8)
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://bugzilla.gnome.org/show_bug.cgi?id=784947
- https://bugzilla.gnome.org/show_bug.cgi?id=784947
- [debian-lts-announce] 20171211 [SECURITY] [DLA 1204-1] evince security update
- [debian-lts-announce] 20171211 [SECURITY] [DLA 1204-1] evince security update
- [debian-lts-announce] 20190813 [SECURITY] [DLA 1881-1] evince security update
- [debian-lts-announce] 20190813 [SECURITY] [DLA 1881-1] evince security update
- [debian-lts-announce] 20190813 [SECURITY] [DLA 1882-1] atril security update
- [debian-lts-announce] 20190813 [SECURITY] [DLA 1882-1] atril security update
- 20200216 [SECURITY] [DSA 4624-1] evince security update
- 20200216 [SECURITY] [DSA 4624-1] evince security update
- GLSA-201804-15
- GLSA-201804-15
- DSA-4624
- DSA-4624