Candidate: CVE-2015-0854
PublicDate: 2016-12-29 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0854
Description:
 App/HelperFunctions.pm in Shutter through 0.93.1 allows user-assisted
 remote attackers to execute arbitrary commands via a crafted image name
 that is mishandled during a "Show in Folder" action.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/798862
 https://launchpad.net/bugs/1495163
Priority: low
Discovered-by: Luke Faraone
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]

Patches_shutter:
upstream_shutter: released (0.93.1-1)
precise_shutter: ignored (reached end-of-life)
precise/esm_shutter: DNE (precise was needed)
trusty_shutter: ignored (reached end-of-life)
trusty/esm_shutter: DNE (trusty was needed)
vivid_shutter: ignored (reached end-of-life)
vivid/stable-phone-overlay_shutter: DNE
vivid/ubuntu-core_shutter: DNE
wily_shutter: ignored (reached end-of-life)
xenial_shutter: not-affected (0.93.1-1ubuntu1)
yakkety_shutter: ignored (reached end-of-life)
zesty_shutter: ignored (reached end-of-life)
artful_shutter: ignored (reached end-of-life)
bionic_shutter: not-affected (0.93.1-1)
cosmic_shutter: DNE
disco_shutter: DNE
devel_shutter: DNE