{"openvas": [{"lastseen": "2019-05-29T18:34:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2017-12-29T00:00:00", "id": "OPENVAS:1361412562310873955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310873955", "type": "openvas", "title": "Fedora Update for evince FEDORA-2017-d6402c8005", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2017_d6402c8005_evince_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for evince FEDORA-2017-d6402c8005\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.873955\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-29 08:05:19 +0100 (Fri, 29 Dec 2017)\");\n script_cve_id(\"CVE-2017-1000159\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for evince FEDORA-2017-d6402c8005\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'evince'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"evince on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2017-d6402c8005\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FJGXN2MPAGUPMROBPI4LFTVXY4LZR4O6\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"evince\", rpm:\"evince~3.24.2~2.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2017-12-05T00:00:00", "id": "OPENVAS:1361412562310843391", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843391", "type": "openvas", "title": "Ubuntu Update for evince USN-3503-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3503_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for evince USN-3503-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843391\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-12-05 07:29:19 +0100 (Tue, 05 Dec 2017)\");\n script_cve_id(\"CVE-2017-1000159\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for evince USN-3503-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'evince'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that Evince incorrectly\n handled printing certain DVI files. If a user were tricked into opening and\n printing a specially-named DVI file, an attacker could use this issue to execute\n arbitrary code.\");\n script_tag(name:\"affected\", value:\"evince on Ubuntu 17.04,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3503-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3503-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.04|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"evince\", ver:\"3.10.3-0ubuntu10.4\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"evince-common\", ver:\"3.10.3-0ubuntu10.4\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"evince\", ver:\"3.24.0-0ubuntu1.3\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"evince-common\", ver:\"3.24.0-0ubuntu1.3\", rls:\"UBUNTU17.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"evince\", ver:\"3.18.2-1ubuntu4.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"evince-common\", ver:\"3.18.2-1ubuntu4.3\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181010", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181010", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for evince (EulerOS-SA-2018-1010)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1010\");\n script_version(\"2020-01-23T11:08:08+0000\");\n script_cve_id(\"CVE-2017-1000159\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:08:08 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:08:08 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for evince (EulerOS-SA-2018-1010)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1010\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1010\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'evince' package(s) announced via the EulerOS-SA-2018-1010 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.(CVE-2017-1000159)\");\n\n script_tag(name:\"affected\", value:\"'evince' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"evince\", rpm:\"evince~3.14.2~5.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"evince-dvi\", rpm:\"evince-dvi~3.14.2~5.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"evince-libs\", rpm:\"evince-libs~3.14.2~5.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"evince-nautilus\", rpm:\"evince-nautilus~3.14.2~5.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181009", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181009", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for evince (EulerOS-SA-2018-1009)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1009\");\n script_version(\"2020-01-23T11:08:07+0000\");\n script_cve_id(\"CVE-2017-1000159\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:08:07 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:08:07 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for evince (EulerOS-SA-2018-1009)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1009\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1009\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'evince' package(s) announced via the EulerOS-SA-2018-1009 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.(CVE-2017-1000159)\");\n\n script_tag(name:\"affected\", value:\"'evince' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"evince\", rpm:\"evince~3.8.3~9.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"evince-dvi\", rpm:\"evince-dvi~3.8.3~9.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"evince-libs\", rpm:\"evince-libs~3.8.3~9.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"evince-nautilus\", rpm:\"evince-nautilus~3.8.3~9.h2\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:29:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "description": "The remote host is missing an update for the ", "modified": "2020-01-29T00:00:00", "published": "2019-08-14T00:00:00", "id": "OPENVAS:1361412562310891881", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891881", "type": "openvas", "title": "Debian LTS: Security Advisory for evince (DLA-1881-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891881\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-1000159\", \"CVE-2019-1010006\", \"CVE-2019-11459\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-14 02:00:11 +0000 (Wed, 14 Aug 2019)\");\n script_name(\"Debian LTS: Security Advisory for evince (DLA-1881-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00013.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1881-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'evince'\n package(s) announced via the DLA-1881-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A few issues were found in the Evince document viewer.\n\nCVE-2017-1000159\n\nWhen printing from DVI to PDF, the dvipdfm tool was called without\nproperly sanitizing the filename, which could lead to a command\ninjection attack via the filename.\n\nCVE-2019-11459\n\nThe tiff_document_render() and tiff_document_get_thumbnail() did\nnot check the status of TIFFReadRGBAImageOriented(), leading to\nuninitialized memory access if that function fails.\n\nCVE-2019-1010006\n\nSome buffer overflow checks were not properly done, leading to\napplication crash or possibly arbitrary code execution when\nopening maliciously crafted files.\");\n\n script_tag(name:\"affected\", value:\"'evince' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n3.14.1-2+deb8u3.\n\nWe recommend that you upgrade your evince packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"evince\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince-common\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince-dbg\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince-gtk\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-evince-3.0\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevdocument3-4\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevince-dev\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevview3-3\", ver:\"3.14.1-2+deb8u3\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-02-18T14:51:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "description": "The remote host is missing an update for the ", "modified": "2020-02-15T00:00:00", "published": "2020-02-15T00:00:00", "id": "OPENVAS:1361412562310704624", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704624", "type": "openvas", "title": "Debian: Security Advisory for evince (DSA-4624-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704624\");\n script_version(\"2020-02-15T04:00:08+0000\");\n script_cve_id(\"CVE-2017-1000159\", \"CVE-2019-1010006\", \"CVE-2019-11459\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-02-15 04:00:08 +0000 (Sat, 15 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-15 04:00:08 +0000 (Sat, 15 Feb 2020)\");\n script_name(\"Debian: Security Advisory for evince (DSA-4624-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|10)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4624.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4624-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'evince'\n package(s) announced via the DSA-4624-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in evince, a simple multi-page\ndocument viewer.\n\nCVE-2017-1000159\nTobias Mueller reported that the DVI exporter in evince is\nsusceptible to a command injection vulnerability via specially\ncrafted filenames.\n\nCVE-2019-11459\nAndy Nguyen reported that the tiff_document_render() and\ntiff_document_get_thumbnail() functions in the TIFF document backend\ndid not handle errors from TIFFReadRGBAImageOriented(), leading to\ndisclosure of uninitialized memory when processing TIFF image files.\n\nCVE-2019-1010006\nA buffer overflow vulnerability in the tiff backend could lead to\ndenial of service, or potentially the execution of arbitrary code if\na specially crafted PDF file is opened.\");\n\n script_tag(name:\"affected\", value:\"'evince' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 3.22.1-3+deb9u2.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 3.30.2-3+deb10u1. The stable distribution is only affected by\nCVE-2019-11459\n.\n\nWe recommend that you upgrade your evince packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"browser-plugin-evince\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince-common\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince-gtk\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-evince-3.0\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevdocument3-4\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevince-dev\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevview3-3\", ver:\"3.22.1-3+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince\", ver:\"3.30.2-3+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"evince-common\", ver:\"3.30.2-3+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"gir1.2-evince-3.0\", ver:\"3.30.2-3+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevdocument3-4\", ver:\"3.30.2-3+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevince-dev\", ver:\"3.30.2-3+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libevview3-3\", ver:\"3.30.2-3+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:29:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "description": "The remote host is missing an update for the ", "modified": "2020-01-29T00:00:00", "published": "2019-08-14T00:00:00", "id": "OPENVAS:1361412562310891882", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891882", "type": "openvas", "title": "Debian LTS: Security Advisory for atril (DLA-1882-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891882\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2017-1000159\", \"CVE-2019-1010006\", \"CVE-2019-11459\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-08-14 02:00:12 +0000 (Wed, 14 Aug 2019)\");\n script_name(\"Debian LTS: Security Advisory for atril (DLA-1882-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00014.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1882-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'atril'\n package(s) announced via the DLA-1882-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"A few issues were found in Atril, the MATE document viewer.\n\nCVE-2017-1000159\n\nWhen printing from DVI to PDF, the dvipdfm tool was called without\nproperly sanitizing the filename, which could lead to a command\ninjection attack via the filename.\n\nCVE-2019-11459\n\nThe tiff_document_render() and tiff_document_get_thumbnail() did\nnot check the status of TIFFReadRGBAImageOriented(), leading to\nuninitialized memory access if that function fails.\n\nCVE-2019-1010006\n\nSome buffer overflow checks were not properly done, leading to\napplication crash or possibly arbitrary code execution when\nopening maliciously crafted files.\");\n\n script_tag(name:\"affected\", value:\"'atril' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n1.8.1+dfsg1-4+deb8u2.\n\nWe recommend that you upgrade your atril packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"atril\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"atril-common\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"atril-dbg\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libatrildocument-dev\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libatrildocument3\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libatrildocument3-dbg\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libatrilview-dev\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libatrilview3\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libatrilview3-dbg\", ver:\"1.8.1+dfsg1-4+deb8u2\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000159"], "description": "Evince is simple multi-page document viewer. It can display and print Portable Document Format (PDF), PostScript (PS) and Encapsulated PostScript (EPS) files. When supported by the document format, evince allows searching for text, copying text to the clipboard, hypertext navigation, table-of-contents bookmarks and editing of forms. Support for other document formats such as DVI and DJVU can be added by installing additional backends. ", "modified": "2017-12-26T16:32:35", "published": "2017-12-26T16:32:35", "id": "FEDORA:A31296015E29", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 26 Update: evince-3.24.2-2.fc26", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:43:03", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000159"], "description": "It was discovered that Evince incorrectly handled printing certain DVI \nfiles. If a user were tricked into opening and printing a specially-named \nDVI file, an attacker could use this issue to execute arbitrary code.", "edition": 5, "modified": "2017-12-04T00:00:00", "published": "2017-12-04T00:00:00", "id": "USN-3503-1", "href": "https://ubuntu.com/security/notices/USN-3503-1", "title": "Evince vulnerability", "type": "ubuntu", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:48", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000159"], "description": "Package : evince\nVersion : 3.4.0-3.1+deb7u2\nCVE ID : CVE-2017-1000159\n\nIt was discovered that there was an arbitrary command injection in the\nevince PDF viewer.\n\nA specially-crafted embedded DVI filename could be exploited to run\ncommands as the current user when "printing" to PDF.\n\nFor Debian 7 "Wheezy", this issue has been fixed in evince version\n3.4.0-3.1+deb7u2.\n\nWe recommend that you upgrade your evince packages.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. `'` lamby@debian.org / chris-lamb.co.uk\n `-\n\n", "edition": 3, "modified": "2017-12-11T16:19:47", "published": "2017-12-11T16:19:47", "id": "DEBIAN:DLA-1204-1:DA884", "href": "https://lists.debian.org/debian-lts-announce/2017/debian-lts-announce-201712/msg00006.html", "title": "[SECURITY] [DLA 1204-1] evince security update", "type": "debian", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:52:40", "bulletinFamily": "unix", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "description": "Package : evince\nVersion : 3.14.1-2+deb8u3\nCVE ID : CVE-2017-1000159 CVE-2019-11459 CVE-2019-1010006\n\nA few issues were found in the Evince document viewer.\n\nCVE-2017-1000159\n\n When printing from DVI to PDF, the dvipdfm tool was called without\n properly sanitizing the filename, which could lead to a command\n injection attack via the filename.\n\nCVE-2019-11459\n\n The tiff_document_render() and tiff_document_get_thumbnail() did\n not check the status of TIFFReadRGBAImageOriented(), leading to\n uninitialized memory access if that funcion fails.\n\nCVE-2019-1010006\n\n Some buffer overflow checks were not properly done, leading to\n application crash or possibly arbitrary code execution when\n opening maliciously crafted files.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n3.14.1-2+deb8u3.\n\nWe recommend that you upgrade your evince packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 7, "modified": "2019-08-13T12:16:46", "published": "2019-08-13T12:16:46", "id": "DEBIAN:DLA-1881-1:23B0E", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201908/msg00013.html", "title": "[SECURITY] [DLA 1881-1] evince security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T01:00:58", "bulletinFamily": "unix", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "description": "Package : atril\nVersion : 1.8.1+dfsg1-4+deb8u2\nCVE ID : CVE-2017-1000159 CVE-2019-11459 CVE-2019-1010006\n\nA few issues were found in Atril, the MATE document viewer.\n\nCVE-2017-1000159\n\n When printing from DVI to PDF, the dvipdfm tool was called without\n properly sanitizing the filename, which could lead to a command\n injection attack via the filename.\n\nCVE-2019-11459\n\n The tiff_document_render() and tiff_document_get_thumbnail() did\n not check the status of TIFFReadRGBAImageOriented(), leading to\n uninitialized memory access if that funcion fails.\n\nCVE-2019-1010006\n\n Some buffer overflow checks were not properly done, leading to\n application crash or possibly arbitrary code execution when\n opening maliciously crafted files.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n1.8.1+dfsg1-4+deb8u2.\n\nWe recommend that you upgrade your atril packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 9, "modified": "2019-08-13T12:40:44", "published": "2019-08-13T12:40:44", "id": "DEBIAN:DLA-1882-1:2C1D6", "href": "https://lists.debian.org/debian-lts-announce/2019/debian-lts-announce-201908/msg00014.html", "title": "[SECURITY] [DLA 1882-1] atril security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-14T10:26:11", "bulletinFamily": "unix", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4624-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nFebruary 14, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : evince\nCVE ID : CVE-2017-1000159 CVE-2019-11459 CVE-2019-1010006\nDebian Bug : 927820\n\nSeveral vulnerabilities were discovered in evince, a simple multi-page\ndocument viewer.\n\nCVE-2017-1000159\n\n Tobias Mueller reported that the DVI exporter in evince is\n susceptible to a command injection vulnerability via specially\n crafted filenames.\n\nCVE-2019-11459\n\n Andy Nguyen reported that the tiff_document_render() and\n tiff_document_get_thumbnail() functions in the TIFF document backend\n did not handle errors from TIFFReadRGBAImageOriented(), leading to\n disclosure of uninitialized memory when processing TIFF image files.\n\nCVE-2019-1010006\n\n A buffer overflow vulnerability in the tiff backend could lead to\n denial of service, or potentially the execution of arbitrary code if\n a specially crafted PDF file is opened.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 3.22.1-3+deb9u2.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 3.30.2-3+deb10u1. The stable distribution is only affected by\nCVE-2019-11459.\n\nWe recommend that you upgrade your evince packages.\n\nFor the detailed security status of evince please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/evince\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2020-02-14T23:00:52", "published": "2020-02-14T23:00:52", "id": "DEBIAN:DSA-4624-1:337E1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00027.html", "title": "[SECURITY] [DSA 4624-1] evince security update", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2018-04-17T23:20:46", "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000159"], "description": "### Background\n\nEvince is a document viewer for multiple document formats, including PostScript. \n\n### Description\n\nA vulnerability was discovered in Evince\u2019s handling of filenames while printing PDF files. \n\n### Impact\n\nA remote attacker, by enticing the user to process a specially crafted file, could execute arbitrary commands. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Evince users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-text/evince-3.24.2-r1\"", "edition": 1, "modified": "2018-04-17T00:00:00", "published": "2018-04-17T00:00:00", "href": "https://security.gentoo.org/glsa/201804-15", "id": "GLSA-201804-15", "type": "gentoo", "title": "Evince: Command injection", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-20T14:51:20", "description": "This update for evince provides the following fix :\n\n - CVE-2017-1000159: Prevent command line injections via\n filenames when printing to a file. (bsc#1070046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-03-09T00:00:00", "title": "SUSE SLES11 Security Update : evince (SUSE-SU-2018:0639-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2018-03-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:evince", "p-cpe:/a:novell:suse_linux:evince-lang", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:evince-doc"], "id": "SUSE_SU-2018-0639-1.NASL", "href": "https://www.tenable.com/plugins/nessus/107255", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0639-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107255);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000159\");\n\n script_name(english:\"SUSE SLES11 Security Update : evince (SUSE-SU-2018:0639-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for evince provides the following fix :\n\n - CVE-2017-1000159: Prevent command line injections via\n filenames when printing to a file. (bsc#1070046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1070046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000159/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180639-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?54d76c12\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-evince-13502=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-evince-13502=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-evince-13502=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"evince-2.28.2-0.7.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"evince-doc-2.28.2-0.7.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"evince-lang-2.28.2-0.7.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-01T06:50:09", "description": "This update for evince fixes the following issues :\n\n - CVE-2017-1000159: Command injection in evince via\n filename when printing to PDF could lead to command\n execution (bsc#1070046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-17T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : evince (SUSE-SU-2018:0947-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2021-04-02T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libevview3", "p-cpe:/a:novell:suse_linux:libevdocument3-4-debuginfo", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:evince-debuginfo", "p-cpe:/a:novell:suse_linux:evince", "p-cpe:/a:novell:suse_linux:libevview3-3-debuginfo", "p-cpe:/a:novell:suse_linux:evince-plugin-djvudocument", "p-cpe:/a:novell:suse_linux:nautilus-evince", "p-cpe:/a:novell:suse_linux:libevdocument3", "p-cpe:/a:novell:suse_linux:typelib-1_0-EvinceDocument", "p-cpe:/a:novell:suse_linux:evince-plugin-tiffdocument-debuginfo", "p-cpe:/a:novell:suse_linux:evince-browser-plugin", "p-cpe:/a:novell:suse_linux:evince-plugin-pdfdocument-debuginfo", "p-cpe:/a:novell:suse_linux:evince-plugin-psdocument", "p-cpe:/a:novell:suse_linux:evince-plugin-dvidocument", "p-cpe:/a:novell:suse_linux:evince-plugin-djvudocument-debuginfo", "p-cpe:/a:novell:suse_linux:evince-plugin-dvidocument-debuginfo", "p-cpe:/a:novell:suse_linux:evince-plugin-xpsdocument", "p-cpe:/a:novell:suse_linux:evince-plugin-xpsdocument-debuginfo", "p-cpe:/a:novell:suse_linux:nautilus-evince-debuginfo", "p-cpe:/a:novell:suse_linux:evince-debugsource", "p-cpe:/a:novell:suse_linux:evince-plugin-pdfdocument", "p-cpe:/a:novell:suse_linux:evince-plugin-psdocument-debuginfo", "p-cpe:/a:novell:suse_linux:evince-plugin-tiffdocument", "p-cpe:/a:novell:suse_linux:evince-browser-plugin-debuginfo", "p-cpe:/a:novell:suse_linux:typelib-1_0-EvinceView"], "id": "SUSE_SU-2018-0947-1.NASL", "href": "https://www.tenable.com/plugins/nessus/109083", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2018:0947-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109083);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/09/10 13:51:47\");\n\n script_cve_id(\"CVE-2017-1000159\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : evince (SUSE-SU-2018:0947-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for evince fixes the following issues :\n\n - CVE-2017-1000159: Command injection in evince via\n filename when printing to PDF could lead to command\n execution (bsc#1070046)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1070046\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000159/\"\n );\n # https://www.suse.com/support/update/announcement/2018/suse-su-20180947-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?992141e9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP3:zypper in -t patch\nSUSE-SLE-WE-12-SP3-2018-638=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP3:zypper in -t\npatch SUSE-SLE-SDK-12-SP3-2018-638=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2018-638=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2018-638=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-browser-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-browser-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-djvudocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-djvudocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-dvidocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-dvidocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-pdfdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-pdfdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-psdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-psdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-tiffdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-tiffdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-xpsdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:evince-plugin-xpsdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libevdocument3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libevdocument3-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libevview3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libevview3-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nautilus-evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nautilus-evince-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-EvinceDocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:typelib-1_0-EvinceView\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-browser-plugin-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-browser-plugin-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-debugsource-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-djvudocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-djvudocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-dvidocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-dvidocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-pdfdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-pdfdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-psdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-psdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-tiffdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-tiffdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-xpsdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"evince-plugin-xpsdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libevdocument3-4-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libevdocument3-4-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libevview3-3-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libevview3-3-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"nautilus-evince-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"nautilus-evince-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-browser-plugin-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-browser-plugin-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-debugsource-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-djvudocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-djvudocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-dvidocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-dvidocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-pdfdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-pdfdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-psdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-psdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-tiffdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-tiffdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-xpsdocument-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"evince-plugin-xpsdocument-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libevdocument3-4-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libevdocument3-4-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libevview3-3-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"libevview3-3-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"nautilus-evince-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"nautilus-evince-debuginfo-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"typelib-1_0-EvinceDocument-3_0-3.20.2-6.22.9\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"typelib-1_0-EvinceView-3_0-3.20.2-6.22.9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:38:52", "description": "It was discovered that there was an arbitrary command injection in the\nevince PDF viewer.\n\nA specially crafted embedded DVI filename could be exploited to run\ncommands as the current user when 'printing' to PDF.\n\nFor Debian 7 'Wheezy', this issue has been fixed in evince version\n3.4.0-3.1+deb7u2.\n\nWe recommend that you upgrade your evince packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 18, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-12T00:00:00", "title": "Debian DLA-1204-1 : evince security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2017-12-12T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:evince-common", "p-cpe:/a:debian:debian_linux:libevdocument3-4", "p-cpe:/a:debian:debian_linux:libevview3-3", "cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:evince", "p-cpe:/a:debian:debian_linux:evince-dbg", "p-cpe:/a:debian:debian_linux:libevince-dev", "p-cpe:/a:debian:debian_linux:gir1.2-evince-3.0", "p-cpe:/a:debian:debian_linux:evince-gtk"], "id": "DEBIAN_DLA-1204.NASL", "href": "https://www.tenable.com/plugins/nessus/105169", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1204-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105169);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-1000159\");\n\n script_name(english:\"Debian DLA-1204-1 : evince security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there was an arbitrary command injection in the\nevince PDF viewer.\n\nA specially crafted embedded DVI filename could be exploited to run\ncommands as the current user when 'printing' to PDF.\n\nFor Debian 7 'Wheezy', this issue has been fixed in evince version\n3.4.0-3.1+deb7u2.\n\nWe recommend that you upgrade your evince packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2017/12/msg00006.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/evince\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gir1.2-evince-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libevdocument3-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libevince-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libevview3-3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"evince\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"evince-common\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"evince-dbg\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"evince-gtk\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"gir1.2-evince-3.0\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libevdocument3-4\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libevince-dev\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libevview3-3\", reference:\"3.4.0-3.1+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:52:53", "description": "According to the version of the evince packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - Command injection in evince via filename when printing\n to PDF. This affects versions earlier than\n 3.25.91.(CVE-2017-1000159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-19T00:00:00", "title": "EulerOS 2.0 SP2 : evince (EulerOS-SA-2018-1010)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2018-01-19T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:evince-libs", "p-cpe:/a:huawei:euleros:evince-dvi", "p-cpe:/a:huawei:euleros:evince-nautilus", "p-cpe:/a:huawei:euleros:evince", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1010.NASL", "href": "https://www.tenable.com/plugins/nessus/106151", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106151);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-1000159\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : evince (EulerOS-SA-2018-1010)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the evince packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - Command injection in evince via filename when printing\n to PDF. This affects versions earlier than\n 3.25.91.(CVE-2017-1000159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1010\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?55396b49\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected evince package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince-dvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince-nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"evince-3.14.2-5.h2\",\n \"evince-dvi-3.14.2-5.h2\",\n \"evince-libs-3.14.2-5.h2\",\n \"evince-nautilus-3.14.2-5.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-01T03:10:04", "description": "The remote host is affected by the vulnerability described in GLSA-201804-15\n(Evince: Command injection)\n\n A vulnerability was discovered in Evince’s handling of filenames while\n printing PDF files.\n \nImpact :\n\n A remote attacker, by enticing the user to process a specially crafted\n file, could execute arbitrary commands.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-18T00:00:00", "title": "GLSA-201804-15 : Evince: Command injection", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:evince"], "id": "GENTOO_GLSA-201804-15.NASL", "href": "https://www.tenable.com/plugins/nessus/109099", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201804-15.\n#\n# The advisory text is Copyright (C) 2001-2018 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(109099);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/06/07 13:15:38\");\n\n script_cve_id(\"CVE-2017-1000159\");\n script_xref(name:\"GLSA\", value:\"201804-15\");\n\n script_name(english:\"GLSA-201804-15 : Evince: Command injection\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201804-15\n(Evince: Command injection)\n\n A vulnerability was discovered in Evince’s handling of filenames while\n printing PDF files.\n \nImpact :\n\n A remote attacker, by enticing the user to process a specially crafted\n file, could execute arbitrary commands.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201804-15\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Evince users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-text/evince-3.24.2-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-text/evince\", unaffected:make_list(\"ge 3.24.2-r1\"), vulnerable:make_list(\"lt 3.24.2-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Evince\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-20T12:37:01", "description": "This update for evince fixes the following issues :\n\n - CVE-2017-1000159: Command injection in evince via\n filename when printing to PDF could lead to command\n execution (bsc#1070046)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.", "edition": 16, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-04-17T00:00:00", "title": "openSUSE Security Update : evince (openSUSE-2018-367)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2018-04-17T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:evince-plugin-dvidocument-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-xpsdocument", "p-cpe:/a:novell:opensuse:libevdocument3-4-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-pdfdocument-debuginfo", "p-cpe:/a:novell:opensuse:typelib-1_0-EvinceView-3_0", "p-cpe:/a:novell:opensuse:evince-devel", "p-cpe:/a:novell:opensuse:evince-debugsource", "p-cpe:/a:novell:opensuse:evince-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-xpsdocument-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-djvudocument-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-comicsdocument-debuginfo", "p-cpe:/a:novell:opensuse:libevview3-3-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-tiffdocument-debuginfo", "p-cpe:/a:novell:opensuse:libevdocument3-4", "p-cpe:/a:novell:opensuse:typelib-1_0-EvinceDocument-3_0", "p-cpe:/a:novell:opensuse:evince", "p-cpe:/a:novell:opensuse:libevview3-3", "p-cpe:/a:novell:opensuse:evince-browser-plugin", "p-cpe:/a:novell:opensuse:nautilus-evince-debuginfo", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:evince-plugin-psdocument", "p-cpe:/a:novell:opensuse:evince-plugin-comicsdocument", "p-cpe:/a:novell:opensuse:nautilus-evince", "p-cpe:/a:novell:opensuse:evince-plugin-pdfdocument", "p-cpe:/a:novell:opensuse:evince-plugin-dvidocument", "p-cpe:/a:novell:opensuse:evince-plugin-psdocument-debuginfo", "p-cpe:/a:novell:opensuse:evince-plugin-djvudocument", "p-cpe:/a:novell:opensuse:evince-lang", "p-cpe:/a:novell:opensuse:evince-plugin-tiffdocument", "p-cpe:/a:novell:opensuse:evince-browser-plugin-debuginfo"], "id": "OPENSUSE-2018-367.NASL", "href": "https://www.tenable.com/plugins/nessus/109067", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-367.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109067);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000159\");\n\n script_name(english:\"openSUSE Security Update : evince (openSUSE-2018-367)\");\n script_summary(english:\"Check for the openSUSE-2018-367 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for evince fixes the following issues :\n\n - CVE-2017-1000159: Command injection in evince via\n filename when printing to PDF could lead to command\n execution (bsc#1070046)\n\nThis update was imported from the SUSE:SLE-12-SP2:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1070046\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evince packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-browser-plugin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-browser-plugin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-comicsdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-comicsdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-djvudocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-djvudocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-dvidocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-dvidocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-pdfdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-pdfdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-psdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-psdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-tiffdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-tiffdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-xpsdocument\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:evince-plugin-xpsdocument-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libevdocument3-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libevdocument3-4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libevview3-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libevview3-3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nautilus-evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nautilus-evince-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-EvinceDocument-3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:typelib-1_0-EvinceView-3_0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-browser-plugin-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-browser-plugin-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-debugsource-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-devel-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-lang-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-comicsdocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-comicsdocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-djvudocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-djvudocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-dvidocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-dvidocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-pdfdocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-pdfdocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-psdocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-psdocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-tiffdocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-tiffdocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-xpsdocument-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"evince-plugin-xpsdocument-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libevdocument3-4-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libevdocument3-4-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libevview3-3-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libevview3-3-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nautilus-evince-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"nautilus-evince-debuginfo-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"typelib-1_0-EvinceDocument-3_0-3.20.2-9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"typelib-1_0-EvinceView-3_0-3.20.2-9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince / evince-browser-plugin / evince-browser-plugin-debuginfo / etc\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:14:08", "description": "CVE-2017-1000159 Command injection when exporting DVI to PDF\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-28T00:00:00", "title": "Fedora 26 : evince (2017-d6402c8005)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2017-12-28T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:evince", "cpe:/o:fedoraproject:fedora:26"], "id": "FEDORA_2017-D6402C8005.NASL", "href": "https://www.tenable.com/plugins/nessus/105477", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-d6402c8005.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(105477);\n script_version(\"3.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000159\");\n script_xref(name:\"FEDORA\", value:\"2017-d6402c8005\");\n\n script_name(english:\"Fedora 26 : evince (2017-d6402c8005)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2017-1000159 Command injection when exporting DVI to PDF\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-d6402c8005\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evince package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:26\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^26([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 26\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC26\", reference:\"evince-3.24.2-2.fc26\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:52:52", "description": "According to the version of the evince packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - Command injection in evince via filename when printing\n to PDF. This affects versions earlier than\n 3.25.91.(CVE-2017-1000159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-01-19T00:00:00", "title": "EulerOS 2.0 SP1 : evince (EulerOS-SA-2018-1009)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2018-01-19T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:evince-libs", "p-cpe:/a:huawei:euleros:evince-dvi", "p-cpe:/a:huawei:euleros:evince-nautilus", "p-cpe:/a:huawei:euleros:evince", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1009.NASL", "href": "https://www.tenable.com/plugins/nessus/106150", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(106150);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-1000159\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : evince (EulerOS-SA-2018-1009)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the evince packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - Command injection in evince via filename when printing\n to PDF. This affects versions earlier than\n 3.25.91.(CVE-2017-1000159)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1009\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bdcaced4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected evince package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince-dvi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:evince-nautilus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"evince-3.8.3-9.h2\",\n \"evince-dvi-3.8.3-9.h2\",\n \"evince-libs-3.8.3-9.h2\",\n \"evince-nautilus-3.8.3-9.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-04-01T07:29:51", "description": "It was discovered that Evince incorrectly handled printing certain DVI\nfiles. If a user were tricked into opening and printing a\nspecially-named DVI file, an attacker could use this issue to execute\narbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 30, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2017-12-05T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : evince vulnerability (USN-3503-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-1000159"], "modified": "2021-04-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:17.04", "p-cpe:/a:canonical:ubuntu_linux:evince", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:evince-common", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3503-1.NASL", "href": "https://www.tenable.com/plugins/nessus/105021", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3503-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105021);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2019/09/18 12:31:47\");\n\n script_cve_id(\"CVE-2017-1000159\");\n script_xref(name:\"USN\", value:\"3503-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.04 : evince vulnerability (USN-3503-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Evince incorrectly handled printing certain DVI\nfiles. If a user were tricked into opening and printing a\nspecially-named DVI file, an attacker could use this issue to execute\narbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3503-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected evince and / or evince-common packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:evince-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"evince\", pkgver:\"3.10.3-0ubuntu10.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"evince-common\", pkgver:\"3.10.3-0ubuntu10.4\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"evince\", pkgver:\"3.18.2-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"evince-common\", pkgver:\"3.18.2-1ubuntu4.3\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"evince\", pkgver:\"3.24.0-0ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"17.04\", pkgname:\"evince-common\", pkgver:\"3.24.0-0ubuntu1.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"evince / evince-common\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:41:13", "description": "A few issues were found in the Evince document viewer.\n\nCVE-2017-1000159\n\nWhen printing from DVI to PDF, the dvipdfm tool was called without\nproperly sanitizing the filename, which could lead to a command\ninjection attack via the filename.\n\nCVE-2019-11459\n\nThe tiff_document_render() and tiff_document_get_thumbnail() did not\ncheck the status of TIFFReadRGBAImageOriented(), leading to\nuninitialized memory access if that funcion fails.\n\nCVE-2019-1010006\n\nSome buffer overflow checks were not properly done, leading to\napplication crash or possibly arbitrary code execution when opening\nmaliciously crafted files.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.14.1-2+deb8u3.\n\nWe recommend that you upgrade your evince packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 16, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-08-14T00:00:00", "title": "Debian DLA-1881-1 : evince security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-1010006", "CVE-2017-1000159", "CVE-2019-11459"], "modified": "2019-08-14T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:evince-common", "p-cpe:/a:debian:debian_linux:libevdocument3-4", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libevview3-3", "p-cpe:/a:debian:debian_linux:evince", "p-cpe:/a:debian:debian_linux:evince-dbg", "p-cpe:/a:debian:debian_linux:libevince-dev", "p-cpe:/a:debian:debian_linux:gir1.2-evince-3.0", "p-cpe:/a:debian:debian_linux:evince-gtk"], "id": "DEBIAN_DLA-1881.NASL", "href": "https://www.tenable.com/plugins/nessus/127863", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1881-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127863);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2017-1000159\", \"CVE-2019-1010006\", \"CVE-2019-11459\");\n\n script_name(english:\"Debian DLA-1881-1 : evince security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A few issues were found in the Evince document viewer.\n\nCVE-2017-1000159\n\nWhen printing from DVI to PDF, the dvipdfm tool was called without\nproperly sanitizing the filename, which could lead to a command\ninjection attack via the filename.\n\nCVE-2019-11459\n\nThe tiff_document_render() and tiff_document_get_thumbnail() did not\ncheck the status of TIFFReadRGBAImageOriented(), leading to\nuninitialized memory access if that funcion fails.\n\nCVE-2019-1010006\n\nSome buffer overflow checks were not properly done, leading to\napplication crash or possibly arbitrary code execution when opening\nmaliciously crafted files.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n3.14.1-2+deb8u3.\n\nWe recommend that you upgrade your evince packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/08/msg00013.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/evince\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-1010006\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:evince-gtk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:gir1.2-evince-3.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libevdocument3-4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libevince-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libevview3-3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"evince\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"evince-common\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"evince-dbg\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"evince-gtk\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"gir1.2-evince-3.0\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libevdocument3-4\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libevince-dev\", reference:\"3.14.1-2+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libevview3-3\", reference:\"3.14.1-2+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
