Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Remote Code Execution Vulnerability in Atril's EPUB ebook parsing
Vulnerability Description
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
Vulnerability Type
路径遍历:’../filedir’
Vulnerability Title
Atril 安全漏洞
Vulnerability Description
Atril是MATE Desktop开源的一个简单的多页文档查看器。 Atril Document Viewer 1.26.2 之前版本存在安全漏洞,该漏洞源于能够在打开特制文档的用户可以访问的文件系统上的任何位置并写入任意文件。
CVSS Information
N/A
Vulnerability Type
N/A