Red Hat Bugzilla – Bug 1262931
CVE-2015-0854 shutter: Insecure use of system()
Last modified: 2015-10-21 10:47:12 EDT
A vulnerability in shutter was found. Using the "Show in folder" menu option while viewing a file with a specially-crafted path allows for arbitrary code execution with the permissions of the user running Shutter.
Reproducer available at:
Created shutter tracking bugs for this issue:
Affects: fedora-all [bug 1262932]