Home / os / winmobile

Evince CBT File Command Injection

Posted on 07 February 2019

This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book `.cbt` files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload.

 

TOP

Malware :

Exploits :