CVE-2017-14604

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-14604
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-14604.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-14604
Related
Published
2017-09-20T08:29:00Z
Modified
2025-01-15T01:26:05.438041Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
[none]
Details

GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus provides no UI indication that a file actually has the potentially unsafe .desktop extension; instead, the UI only shows the .pdf extension. One (slightly) mitigating factor is that an attack requires the .desktop file to have execute permission. The solution is to ask the user to confirm that the file is supposed to be treated as a .desktop file, and then remember the user's answer in the metadata::trusted field.

References

Affected packages

Debian:11 / nautilus

Package

Name
nautilus
Purl
pkg:deb/debian/nautilus?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.25.90-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / nautilus

Package

Name
nautilus
Purl
pkg:deb/debian/nautilus?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.25.90-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / nautilus

Package

Name
nautilus
Purl
pkg:deb/debian/nautilus?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.25.90-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/gnome/nautilus

Affected ranges

Type
GIT
Repo
https://github.com/gnome/nautilus
Events

Affected versions

2.*

2.27.2
2.27.4
2.27.91
2.27.92
2.28.0
2.29.1
2.29.2
2.29.90
2.29.91
2.29.92
2.29.92.1
2.30.0
2.30.1
2.31.1
2.31.2
2.31.3
2.31.4
2.31.5
2.90.1
2.91.0
2.91.0.1
2.91.1
2.91.2
2.91.3
2.91.4
2.91.5
2.91.6
2.91.7
2.91.8
2.91.9
2.91.90
2.91.90.1
2.91.91
2.91.92
2.91.93
2.91.94

3.*

3.0.0
3.1.1
3.1.2
3.1.3
3.1.4
3.1.90
3.1.92
3.10.0
3.11.2
3.11.3
3.11.90
3.11.92
3.12.0
3.13.1
3.13.2
3.13.90
3.13.91
3.13.92
3.14.0
3.15.4
3.15.90
3.15.91
3.15.92
3.16.0
3.17.2
3.17.3
3.17.90
3.17.91
3.18.0
3.18.1
3.19.2
3.2.0
3.21.91.1
3.21.92
3.22.0.1
3.22.1
3.3.1.1
3.3.3
3.3.4
3.3.5
3.3.90
3.3.91
3.3.92
3.4.0
3.5.1
3.5.2
3.5.3
3.5.4
3.5.5
3.5.90
3.5.91
3.5.92
3.6.0
3.7.1
3.7.2
3.7.3
3.7.4
3.7.5
3.7.90
3.7.91
3.7.92
3.8.0
3.9.3
3.9.90
3.9.91
3.9.92

Other

BONOBO_SLAY_BRANCHPOINT
DROOLING_MACAQUE
EAZEL-NAUTILUS-MS-AUG07
EAZEL-NAUTILUS-MS-JUL12
EAZEL-NAUTILUS-MS-JULY_5
EAZEL_DEMO_1_ANCHOR
EAZEL_NAUTILUS_DEMO_2_ANCHOR
FOR_GNOME_0_99_1
GGV_0_61
GNOME_0_20
GNOME_0_20a
GNOME_0_25
GNOME_0_27
GNOME_0_28_MARTIN
GNOME_0_30
GNOME_0_99_2
GNOME_0_99_3
GNOME_0_99_7
GNOME_0_99_8
GNOME_0_99_8_1
GNOME_2_0_BRANCHPOINT
GNOME_2_10_BRANCHPOINT
GNOME_2_12_BRANCHPOINT
GNOME_2_14_BRANCHPOINT
GNOME_2_16_BRANCHPOINT
GNOME_2_2_BRANCHPOINT
GNOME_2_4_BRANCHPOINT
GNOME_2_6_BRANCHPOINT
GNOME_CORE_1_0_0_1
GNOME_CORE_1_0_1
GNOME_CORE_1_0_3
GNOME_CORE_1_0_4
GNOME_CORE_1_0_5
GNOME_CORE_1_0_6
GNOME_CORE_1_0_7
GNOME_CORE_1_0_8
GNOME_CORE_1_0_9
GNOME_CORE_1_0_ANCHOR
GNOME_CORE_1_1_0
GNOME_STABLE_ANCHOR
INITIAL
INSTALLER_PR3_ANCHOR
MULTIHEAD_BRANCHPOINT
NAUTILUS-NEW-UIH-BRANCH_ANCHOR
NAUTILUS_0_8_2
NAUTILUS_1_0_3
NAUTILUS_1_0_4
NAUTILUS_1_0_5
NAUTILUS_1_1_1
NAUTILUS_1_1_10
NAUTILUS_1_1_11
NAUTILUS_1_1_12
NAUTILUS_1_1_13
NAUTILUS_1_1_14
NAUTILUS_1_1_15
NAUTILUS_1_1_16
NAUTILUS_1_1_17
NAUTILUS_1_1_18
NAUTILUS_1_1_19
NAUTILUS_1_1_2
NAUTILUS_1_1_3
NAUTILUS_1_1_4
NAUTILUS_1_1_5
NAUTILUS_1_1_6
NAUTILUS_1_1_8
NAUTILUS_1_1_9
NAUTILUS_1_ANCHOR
NAUTILUS_2_0_1
NAUTILUS_2_0_2
NAUTILUS_2_0_3
NAUTILUS_2_0_4
NAUTILUS_2_0_6
NAUTILUS_2_10_0
NAUTILUS_2_11_1
NAUTILUS_2_11_2
NAUTILUS_2_11_3
NAUTILUS_2_11_4
NAUTILUS_2_11_90
NAUTILUS_2_11_91
NAUTILUS_2_11_92
NAUTILUS_2_12_0
NAUTILUS_2_12_1
NAUTILUS_2_13_1
NAUTILUS_2_13_2
NAUTILUS_2_13_3
NAUTILUS_2_13_4
NAUTILUS_2_13_90
NAUTILUS_2_13_91
NAUTILUS_2_13_92
NAUTILUS_2_14_0
NAUTILUS_2_14_1
NAUTILUS_2_15_1
NAUTILUS_2_15_2
NAUTILUS_2_15_4
NAUTILUS_2_15_90
NAUTILUS_2_15_91
NAUTILUS_2_15_92
NAUTILUS_2_15_92_1
NAUTILUS_2_16_0
NAUTILUS_2_16_1
NAUTILUS_2_16_2
NAUTILUS_2_16_3
NAUTILUS_2_17_1
NAUTILUS_2_17_91
NAUTILUS_2_17_92
NAUTILUS_2_18_0
NAUTILUS_2_18_0_1
NAUTILUS_2_19_2
NAUTILUS_2_19_3
NAUTILUS_2_19_4
NAUTILUS_2_19_5
NAUTILUS_2_19_6
NAUTILUS_2_19_90
NAUTILUS_2_19_91
NAUTILUS_2_1_0
NAUTILUS_2_1_1
NAUTILUS_2_1_2
NAUTILUS_2_1_3
NAUTILUS_2_1_5
NAUTILUS_2_1_6
NAUTILUS_2_1_91
NAUTILUS_2_20_0
NAUTILUS_2_21_2
NAUTILUS_2_21_5
NAUTILUS_2_21_6
NAUTILUS_2_21_90
NAUTILUS_2_21_91
NAUTILUS_2_21_92
NAUTILUS_2_22_0
NAUTILUS_2_22_1
NAUTILUS_2_23_2
NAUTILUS_2_23_3
NAUTILUS_2_23_4
NAUTILUS_2_23_5
NAUTILUS_2_23_5_1
NAUTILUS_2_23_6
NAUTILUS_2_23_6_1
NAUTILUS_2_23_90
NAUTILUS_2_23_91
NAUTILUS_2_23_92
NAUTILUS_2_24_0
NAUTILUS_2_25_1
NAUTILUS_2_25_2
NAUTILUS_2_25_3
NAUTILUS_2_25_4
NAUTILUS_2_25_91
NAUTILUS_2_25_92
NAUTILUS_2_25_93
NAUTILUS_2_26_0
NAUTILUS_2_26_1
NAUTILUS_2_26_2
NAUTILUS_2_27_1
NAUTILUS_2_2_0
NAUTILUS_2_2_0_1
NAUTILUS_2_2_0_2
NAUTILUS_2_2_1
NAUTILUS_2_2_2
NAUTILUS_2_2_3
NAUTILUS_2_3_1
NAUTILUS_2_3_2
NAUTILUS_2_3_3
NAUTILUS_2_3_4
NAUTILUS_2_3_5
NAUTILUS_2_3_6
NAUTILUS_2_3_7
NAUTILUS_2_3_8
NAUTILUS_2_3_9
NAUTILUS_2_3_90
NAUTILUS_2_4_0
NAUTILUS_2_5_0
NAUTILUS_2_5_1
NAUTILUS_2_5_1_1
NAUTILUS_2_5_2
NAUTILUS_2_5_3
NAUTILUS_2_5_5
NAUTILUS_2_5_6
NAUTILUS_2_5_7
NAUTILUS_2_5_8
NAUTILUS_2_5_90
NAUTILUS_2_5_91
NAUTILUS_2_6_0
NAUTILUS_2_6_1
NAUTILUS_2_6_2
NAUTILUS_2_6_BRANCHPOINT
NAUTILUS_2_7_2
NAUTILUS_2_7_4
NAUTILUS_2_7_92
NAUTILUS_2_8_0
NAUTILUS_2_8_1
NAUTILUS_2_8_2
NAUTILUS_2_9_1
NAUTILUS_2_9_2
NAUTILUS_2_9_90
NAUTILUS_2_9_91
NAUTILUS_2_9_92
NAUTILUS_BEFORE_REMOVING_HELP_COMPONENT
NAUTILUS_EXTENSIONS_BRANCHPOINT
NAUTILUS_EXTENSIONS_MERGEPOINT_1
NAUTILUS_NEW_MIME_BRANCHPOINT
NAUTILUS_PR2_ANCHOR
NAUTILUS_PR3_ANCHOR
NAUTILUS_SEARCH2_MERGE_ANCHOR1
NAUTILUS_SEARCH2_MERGE_ANCHOR2
NAUTILUS_SEARCH_BRANCH_ANCHOR
NAUTILUS_SPATIAL_PLAYGROUND_BRANCHPOINT
NAUTILUS_UIH_MERGE_BASE
NEW_ICON_FACTORY_BRANCHPOINT
NEW_SIDE_PANE_BRANCHPOINT
PANTING_CHIMPANZEE
POST_1_0_MERGE
PRE_1_0_MERGE
PRE_PANEL2
RAK_SOUNDVIEW_ANCHOR
REDHAT_MERGE_BRANCHPOINT
REDHAT_OUTSTANDING_PATCHES_BRANCHPOINT
V0_0
XIMIAN_SMB_ANCHOR
XIMIAN_SUN_DELIVERY_1_MERGE
before-trilobite-move
mjs_pre_great_renaming
nautilus_ms_may_31
pre-mjs-demo-bugfixes