Lucene search

K
cvelistMitreCVELIST:CVE-2017-1000083
HistorySep 05, 2017 - 6:00 a.m.

CVE-2017-1000083

2017-09-0506:00:00
mitre
www.cve.org
1

7.9 High

AI Score

Confidence

High

0.222 Low

EPSS

Percentile

96.5%

backend/comics/comics-document.c (aka the comic book backend) in GNOME Evince before 3.24.1 allows remote attackers to execute arbitrary commands via a .cbt file that is a TAR archive containing a filename beginning with a “–” command-line option substring, as demonstrated by a --checkpoint-action=exec=bash at the beginning of the filename.