漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Remote Code Execution Vulnerability in Atril's EPUB ebook parsing
Vulnerability Description
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
路径遍历:’../filedir’
Vulnerability Title
Atril 安全漏洞
Vulnerability Description
Atril是MATE Desktop开源的一个简单的多页文档查看器。 Atril Document Viewer 1.26.2 之前版本存在安全漏洞,该漏洞源于能够在打开特制文档的用户可以访问的文件系统上的任何位置并写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A