Vulnerability Details CVE-2016-10081
/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.034
EPSS Ranking 86.9%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/95351
- https://bugs.launchpad.net/shutter/+bug/1652600
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QG54GTU45KBIQJLU4WREG4G4JJEUTEJ/
- https://www.exploit-db.com/exploits/41435/
- http://www.securityfocus.com/bid/95351
- https://bugs.launchpad.net/shutter/+bug/1652600
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QG54GTU45KBIQJLU4WREG4G4JJEUTEJ/
- https://www.exploit-db.com/exploits/41435/
Products affected by CVE-2016-10081
-
cpe:2.3:a:shutter-project:shutter:0.93
-
cpe:2.3:a:shutter-project:shutter:0.93.1