Critical Code Injection Flaw In Gnome File Manager Leaves Linux Users Open to Hacking

A security researcher has discovered a code injection vulnerability in the thumbnail handler component of GNOME Files file manager that could allow hackers to execute malicious code on targeted Linux machines. Dubbed Bad Taste, the vulnerability CVE-2017-11421 was discovered by German researcher...

CVE-2017-11421

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...

CVE-2017-11421

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...

CVE-2017-11421

gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a local attack if the victim uses the GNOME Files file manager, and navigates to a directory containing a .msi file with VBScript code in its filename...

CVE-2017-11421

The CVE-2017-11421 entry affects gnome-exe-thumbnailer prior to 0.9.5, used by GNOME Files to generate thumbnails. It permits VBScript Injection via MSI file names, enabling local code execution when a user navigates to a directory containing a malicious MSI and GNOME Files invokes the thumbnaile...

CVE-2017-11421

Removed by vendor...