80 matches found
[SECURITY] [DLA 769-1] shutter security update
Package : shutter Version : 0.88.3-1+deb7u1 CVE ID : CVE-2015-0854 Debian Bug : 798862 The feature-rich screenshot program shutter uses the system call in an unsafe way. This allows an attacker to execute arbitrary programs via crafted directory names. For Debian 7 "Wheezy", this problem has been...
DLA-769-1 shutter - security update
Bulletin has no description...
Design/Logic Flaw
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
DEBIAN-CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
Design/Logic Flaw
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
UBUNTU-CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
DEBIAN-CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
UBUNTU-CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...
CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action...
CVE-2015-0854
Summary (CVE-2015-0854): The Shutter screenshot tool is affected up to version 0.93.1. The vulnerability resides in App/HelperFunctions.pm where the image name is mishandled during the “Show in Folder” action, allowing a user-assisted remote attacker to execute arbitrary commands. This is trigger...
CVE-2016-10081
CVE-2016-10081 affects Shutter up to version 0.93.1, enabling user-assisted remote command execution via a crafted image name during a Run a plugin action. Public writeups and advisories reference remote code execution and fixes in subsequent patches (e.g., openSUSE security update openSUSE-2017-...
CVE-2015-0854
App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action...