CVE-2017-1000159

NameCVE-2017-1000159
DescriptionCommand injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
ReferencesDLA-1204-1, DLA-1881-1, DLA-1882-1, DSA-4624-1
NVD severitymedium

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
atril (PTS)stretch1.16.1-2+deb9u2fixed
stretch (security)1.16.1-2+deb9u1vulnerable
buster1.20.3-1+deb10u1fixed
bullseye, sid1.24.0-1fixed
evince (PTS)stretch (security), stretch3.22.1-3+deb9u2fixed
buster, buster (security)3.30.2-3+deb10u1fixed
bullseye, sid3.38.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
atrilsourcejessie1.8.1+dfsg1-4+deb8u2DLA-1882-1
atrilsourcestretch1.16.1-2+deb9u2
atrilsource(unstable)1.20.0-1low
evincesourcewheezy3.4.0-3.1+deb7u2DLA-1204-1
evincesourcejessie3.14.1-2+deb8u3DLA-1881-1
evincesourcestretch3.22.1-3+deb9u2DSA-4624-1
evincesource(unstable)3.25.92-1low

Notes

[stretch] - evince <no-dsa> (Minor issue)
https://bugzilla.gnome.org/show_bug.cgi?id=784947
Introduced by: https://git.gnome.org/browse/evince/commit/?id=1fcca0b8041de0d6074d7e17fba174da36c65f99 (EVINCE_0_9_1)
Fixed by: https://git.gnome.org/browse/evince/commit/?id=350404c76dc8601e2cdd2636490e2afc83d3090e (3.25.91)

Search for package or bug name: Reporting problems