CVE-2016-10081

Click the icon to Follow me:- twitterTelegramRedditDiscord

Summary:

/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a “Run a plugin” action.

Reference Links(if available):

  • https://bugs.launchpad.net/shutter/+bug/1652600
  • http://www.securityfocus.com/bid/95351
  • https://www.exploit-db.com/exploits/41435/
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/4QG54GTU45KBIQJLU4WREG4G4JJEUTEJ/
  • CVSS Score (if available)

    v2: / MEDIUMAV:N/AC:M/Au:N/C:C/I:C/A:C

    v3: / HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • https://github.com/offensive-security/exploitdb/blob/master/exploits/linux/local/41435.txt
  • Available for Amazon Prime