Shutter 0.93.1 - Code Execution CVE-2016-10081 /usr/bin/shutter allows user-assisted remote attackers to execute arbitrary command
Reporter | Title | Published | Views | Family |
---|---|---|---|---|
Cvelist | CVE-2016-10081 | 29 Dec 2016 18:00 | – | cvelist |
exploitpack | Shutter 0.93.1 - Code Execution | 26 Dec 2016 00:00 | – | exploitpack |
CVE | CVE-2016-10081 | 29 Dec 2016 18:59 | – | cve |
OpenVAS | Mageia: Security Advisory (MGASA-2017-0292) | 28 Jan 2022 00:00 | – | openvas |
OpenVAS | Fedora: Security Advisory for shutter (FEDORA-2021-5b74a5a0db) | 30 Aug 2021 00:00 | – | openvas |
Fedora | [SECURITY] Fedora 33 Update: shutter-0.98-5.fc33 | 29 Aug 2021 01:14 | – | fedora |
Packet Storm | Shutter 0.93.1 Code Execution | 22 Feb 2017 00:00 | – | packetstorm |
UbuntuCve | CVE-2016-10081 | 29 Dec 2016 00:00 | – | ubuntucve |
Tenable Nessus | openSUSE Security Update : shutter (openSUSE-2017-952) | 18 Aug 2017 00:00 | – | nessus |
Prion | Design/Logic Flaw | 29 Dec 2016 18:59 | – | prion |
# Exploit Title: Shutter user-assisted remote code execution
# Date: 2016-12-26
# Software Link: http://shutter-project.org/
# Version: 0.93.1
# Tested on: Ubuntu, Debian
# Exploit Author: Prajith P
# Website: http://prajith.in/
# Author Mail: [email protected]
# CVE: CVE-2016-10081
1. Description.
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote
attackers to execute arbitrary commands via a crafted image name that is
mishandled during a "Run a plugin" action.
2. Proof of concept.
1) Rename an image to something like "$(firefox)".
2) Open the renamed file in Shutter.
3) Click the "Run a plugin" option, select any plugin from the list, and click "Run".
3. Solution:
https://bugs.launchpad.net/shutter/+bug/1652600
Thanks,
Prajithh
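The class of bug the advisory describes, as an added example that is not part of the original advisory and is not Shutter's code: it assumes the plugin command line is built as a string and handed to a shell (the page does not show how Shutter does it), and contrasts that with passing the image name as a separate argument. The function names, the `printf` stand-in for a plugin and the sample file name are constructed for illustration.

```shell
#!/bin/sh
# Added illustration, not Shutter's code. The stand-in "plugin" is printf;
# run_plugin_unsafe, run_plugin_safe and is_risky_name are hypothetical names.

# Unsafe pattern: the image name is pasted into a command string and a shell
# parses that string again, so $(...) inside the name runs as a command.
run_plugin_unsafe() {
    sh -c "printf 'plugin got: %s\n' $1"
}

# Safe pattern: the command text is fixed; the name travels as a separate
# argument ("$1" of the inner shell) and is never parsed as shell syntax.
run_plugin_safe() {
    sh -c 'printf "plugin got: %s\n" "$1"' plugin-wrapper "$1"
}

# Triage helper: flag names carrying command substitution, backticks or
# command separators before they reach any tool that might shell out.
is_risky_name() {
    case $1 in
        *'$('*|*'`'*|*';'*|*'|'*|*'&'*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample name with a harmless marker command in it.
sample='$(echo INJECTED).png'
echo "unsafe: $(run_plugin_unsafe "$sample")"
echo "safe:   $(run_plugin_safe "$sample")"
is_risky_name "$sample" && echo "flagged: $sample"
```

In the unsafe variant the marker command runs and its output replaces part of the file name; in the safe variant the plugin receives the name byte for byte.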