CVE-2017-1000159

Опубликовано: 14 июл. 2017

Источник: redhat

CVSS3: 7.8

Описание

Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.

Отчет

This issue affects the versions of evince as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	evince	Not affected
Red Hat Enterprise Linux 6	evince	Will not fix
Red Hat Enterprise Linux 7	evince	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-77

https://bugzilla.redhat.com/show_bug.cgi?id=1521210evince: Command injection when exporting to PDF

7.8 High

CVSS3

Связанные уязвимости

CVE-2017-1000159

CVSS3: 7.8

ubuntu

около 8 лет назад

Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.

CVE-2017-1000159

CVSS3: 7.8

nvd

около 8 лет назад

Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.

CVE-2017-1000159

CVSS3: 7.8

debian

около 8 лет назад

Command injection in evince via filename when printing to PDF. This af ...

openSUSE-SU-2018:0960-1

suse-cvrf

почти 8 лет назад

Security update for evince

SUSE-SU-2018:0947-1

suse-cvrf

почти 8 лет назад

Security update for evince

7.8 High

CVSS3