evince

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Document viewer (PDF, PostScript, XPS, djvu, dvi, tiff, cbr, cbz, cb7, cbt)
Version 41.3-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-348 3.24.0+8+ga8363215-1 3.24.0+12+g717df38f-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2017-1000083 AVG-348 Critical Yes Arbitrary command execution
The comic book backend in evince <= 3.24.0 is vulnerable to a command injection bug that can be used to execute arbitrary commands when a cbt file is...

Advisories

Date Advisory Group Severity Type
14 Jul 2017 ASA-201707-14 AVG-348 Critical arbitrary command execution