#VU7546 Code injection in Evince - CVE-2017-1000083


| Updated: 2021-06-17

Vulnerability identifier: #VU7546

Vulnerability risk: High

CVSSv4.0: 8.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]

CVE-ID: CVE-2017-1000083

CWE-ID: CWE-94

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Evince
Client/Desktop applications / Multimedia software

Vendor: Gnome Development Team

Description

The vulnerability allows a remote attacker to execute arbitrary commands.

The vulnerability exists due to insufficient sanitization of user-supplied data when processing tar comic book (cbt) files in evince. A remote attacker can create a speicially crafted "cbt" file, trick the victim into downloading it and execute arbitrary commands on vulnerable system.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation
Update to version 3.25.0.

Vulnerable software versions

Evince: 3.24.0

External links
https://bugzilla.gnome.org/show_bug.cgi?id=784630

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.


Latest bulletins with this vulnerability


openSUSE update for evince
SUSE Linux update for evince
SUSE Linux update for evince
Code injection in evince (Alpine package)
Red Hat update for Evince
OpenSUSE Linux update for evince
Debian update for atril
SUSE Linux update for evince
SUSE Linux update for evince
Debian update for evince