Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-10081

/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.

Related bugs and status

CVE-2016-10081 (Candidate) is related to these bugs:

Bug #1372050: can't upload with dropbox

Summary				In	Importance	Status
	1372050	can't upload with dropbox		Shutter	Undecided	Invalid
	1372050	can't upload with dropbox		shutter (Ubuntu)	Undecided	Fix Released

Bug #1652600: Insecure use of perl exec()

		In	Importance	Status
1652600	Insecure use of perl exec()	Shutter	Undecided	Fix Released
1652600	Insecure use of perl exec()	Debian	Unknown	Fix Released
1652600	Insecure use of perl exec()	openSUSE	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugs.launchpad...
BID: 95351
EXPLOIT-DB: 41435
FEDORA: FEDORA-2021-5b74a5a0db