CVE-2017-11421

Priority
Description
gnome-exe-thumbnailer before 0.9.5 is prone to a VBScript Injection when
generating thumbnails for MSI files, aka the "Bad Taste" issue. There is a
local attack if the victim uses the GNOME Files file manager, and navigates
to a directory containing a .msi file with VBScript code in its filename.
Notes
Package
Upstream:released (0.9.5-1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was needed)
Ubuntu 16.04 LTS (Xenial Xerus):released (0.9.3-2ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Patches:
Upstream:https://github.com/gnome-exe-thumbnailer/gnome-exe-thumbnailer/commit/1d8e3102dd8fd23431ae6127d14a236da6b4a4a5
More Information

Updated: 2019-12-05 21:08:35 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)