AVG-348

Package evince
Status Fixed
Severity Critical
Type arbitrary command execution
Affected 3.24.0+8+ga8363215-1
Fixed 3.24.0+12+g717df38f-1
Current 3.28.2-1 [extra]
Ticket None
Created Fri Jul 14 18:35:31 2017
Issue Severity Remote Type Description
CVE-2017-1000083 Critical Yes Arbitrary command execution
The comic book backend in evince <= 3.24.0 is vulnerable to a command injection bug that can be used to execute arbitrary commands when a cbt file is...
Date Advisory Package Description
14 Jul 2017 ASA-201707-14 evince arbitrary command execution