evince - Arch Linux
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-348 | 3.24.0+8+ga8363215-1 | 3.24.0+12+g717df38f-1 | Critical | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2017-1000083 | AVG-348 | Critical | Yes | Arbitrary command execution | The comic book backend in evince <= 3.24.0 is vulnerable to a command injection bug that can be used to execute arbitrary commands when a cbt file is... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 14 Jul 2017 | ASA-201707-14 | AVG-348 | Critical | arbitrary command execution |