App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Show in Folder" action.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "shutter", "binary_version": "0.93.1-1ubuntu1" } ] }