Описание
Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.
Ссылки
- Patch
- ExploitVendor Advisory
- Mailing List
- Mailing List
- Patch
- ExploitVendor Advisory
- Mailing List
- Mailing List
Уязвимые конфигурации
EPSS
9.6 Critical
CVSS3
8.8 High
CVSS3
Дефекты
Связанные уязвимости
Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the target user opens a crafted document or clicks on a crafted link/URL using a maliciously crafted CBT document which is a TAR archive. A patch is available at commit ce41df6.
Atril is a simple multi-page document viewer. Atril is vulnerable to a ...
Уязвимость программы для просмотра многостраничных документов Atril, связанная с возможностью внедрения команд, позволяющая нарушителю выполнить произвольный код
EPSS
9.6 Critical
CVSS3
8.8 High
CVSS3