CVE-2017-1000159

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2017-1000159

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000159.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000159

Downstream

DEBIAN-CVE-2017-1000159

DLA-1204-1

DLA-1881-1

DLA-1882-1

DSA-4624-1

SUSE-SU-2018:0639-1

SUSE-SU-2018:0947-1

UBUNTU-CVE-2017-1000159

USN-3503-1

Related

Published

2017-11-27T15:29:00.243Z

Modified

2026-03-15T22:13:05.515322Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.

References

Affected packages

Git / github.com/gnome/evince

Affected ranges

Type

GIT

Repo

https://github.com/gnome/evince

Events

Introduced

Fixed

26d63918f38ba114aeca95ca8eb31b94561b6303

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.25.91"
        }
    ]
}

Affected versions

3.*

3.1.2

3.1.90

3.1.90.1

3.10.0

3.11.1

3.11.3

3.11.90

3.11.92

3.13.3

3.13.3.1

3.13.90

3.13.91

3.13.92

3.14.0

3.14.1

3.15.4

3.15.90

3.15.92

3.16.0

3.17.1

3.17.2

3.17.3

3.17.4

3.17.92

3.18.0

3.19.92

3.2.0

3.2.1

3.20.0

3.21.3

3.21.4

3.21.92

3.22.0

3.24.0

3.25.4

3.3.2

3.3.3

3.3.3.1

3.3.4

3.3.5

3.3.90

3.3.92

3.4.0

3.5.2

3.5.3

3.5.4

3.5.5

3.5.90

3.5.92

3.6.0

3.7.1

3.7.4

3.7.5

3.7.90

3.7.92

3.8.0

3.9.2

3.9.3

3.9.4

3.9.5

3.9.90

Other

BEFORE_GNOME_PRINT

BEFORE_NEW_UI_HANDLER_1

BEFORE_XPDF_3_MERGE

BONOBO_BEFORE_API_RENAME

ChangeLog

EAZEL-NAUTILUS-MS-AUG07

EAZEL-NAUTILUS-MS-JULY_5

EVINCE_0_1_0

EVINCE_0_1_1

EVINCE_0_1_3

EVINCE_0_1_4

EVINCE_0_1_5

EVINCE_0_1_6

EVINCE_0_1_7

EVINCE_0_1_8

EVINCE_0_1_9

EVINCE_0_2_0

EVINCE_0_2_1

EVINCE_0_3_0

EVINCE_0_3_1

EVINCE_0_3_3

EVINCE_0_4_0

EVINCE_0_5_0

EVINCE_0_5_1

EVINCE_0_5_2

EVINCE_0_5_3

EVINCE_0_5_4

EVINCE_0_5_5

EVINCE_0_6_0

EVINCE_0_6_1

EVINCE_0_7_0

EVINCE_0_7_1

EVINCE_0_7_2

EVINCE_0_8_0

EVINCE_0_8_1

EVINCE_0_9_0

EVINCE_0_9_1

EVINCE_0_9_2

EVINCE_0_9_3

EVINCE_2_19_4

EVINCE_2_19_92

EVINCE_2_20_0

EVINCE_2_21_1

EVINCE_2_21_90

EVINCE_2_21_91

EVINCE_2_22_0

EVINCE_2_22_1

EVINCE_2_22_1_1

EVINCE_2_23_4

EVINCE_2_23_5

EVINCE_2_23_91

EVINCE_2_23_92

EVINCE_2_24_0

EVINCE_2_24_1

EVINCE_2_25_1

EVINCE_2_25_2

EVINCE_2_25_4

EVINCE_2_25_5

EVINCE_2_25_90

EVINCE_2_25_91

EVINCE_2_25_92

EVINCE_2_26_0

EVINCE_2_27_1

EVINCE_2_27_3

EVINCE_2_27_4

EVINCE_2_27_90

EVINCE_2_29_1

EVINCE_2_29_2

EVINCE_2_29_3

EVINCE_2_29_4

EVINCE_2_29_5

EVINCE_2_29_91

EVINCE_2_29_92

EVINCE_2_30_0

EVINCE_2_31_1

EVINCE_2_31_2

EVINCE_2_31_3

EVINCE_2_31_4

EVINCE_2_31_4_1

EVINCE_2_31_5

EVINCE_2_31_6

EVINCE_2_31_6_1

EVINCE_2_31_90

EVINCE_2_91_0

EVINCE_2_91_1

EVINCE_2_91_2

EVINCE_2_91_3

EVINCE_2_91_4

EVINCE_2_91_5

EVINCE_2_91_6

EVINCE_2_91_90

EVINCE_2_91_92

EVINCE_2_91_93

EVINCE_3_0_0

GNOME_2_12_BRANCHPOINT

GNOME_2_14_BRANCHPOINT

GNOME_2_16_BRANCHPOINT

GNOME_2_4_ANCHOR

GNOME_2_6_ANCHOR

GNOME_2_8_ANCHOR

GPDF_0_100

GPDF_0_101

GPDF_0_102

GPDF_0_103

GPDF_0_104

GPDF_0_105

GPDF_0_106

GPDF_0_110

GPDF_0_111

GPDF_0_112

GPDF_0_112_1

GPDF_0_120

GPDF_0_121

GPDF_0_122

GPDF_0_123

GPDF_0_124

GPDF_0_125

GPDF_0_130

GPDF_0_131

GPDF_2_7_1

GPDF_2_7_2

GPDF_2_7_90

GPDF_2_7_91

GPDF_2_8_0

GPDF_2_8_1

GPDF_2_9_1

GPDF_FOR_GNOME_1_4

GPDF_MODES_ANCHOR

GPDF_OUTLINES_ANCHOR

XPDF_0_80

XPDF_1_01

XPDF_2_00

XPDF_2_01

XPDF_2_02

XPDF_2_03

XPDF_3_00

nautilus_ms_may_31

start

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000159.json"