Cinnamon : Command Injection with a wallpaper picture
Bug #1502424 reported by
Bernd Dietzel
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Linux Mint |
New
|
Undecided
|
Unassigned |
Bug Description
LinuxMint with Cinnamon Desktop
cs_backgrounds.py , line 385 is vulnerable to shell code injections.
if commands.
If you change a wallpaper picture name to an other name wich contains a shell command,
the command will run when you try to change the wallpapers in the settings
information type: | Private Security → Public Security |
To post a comment you must log in.