High severity7.8NVD Advisory· Published Nov 27, 2017· Updated Jun 17, 2026
CVE-2017-1000159
CVE-2017-1000159
Description
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:gnome:evince:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:gnome:evince:*:*:*:*:*:*:*:*range: <3.25.91
- (no CPE)range: <3.25.91
- osv-coords8 versionspkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/evince&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP3
< 3.20.2-6.22.9+ 7 more
- (no CPE)range: < 3.20.2-6.22.9
- (no CPE)range: < 2.28.2-0.7.3.1
- (no CPE)range: < 3.20.2-6.22.9
- (no CPE)range: < 2.28.2-0.7.3.1
- (no CPE)range: < 3.20.2-6.22.9
- (no CPE)range: < 2.28.2-0.7.3.1
- (no CPE)range: < 3.20.2-6.22.9
- (no CPE)range: < 3.20.2-6.22.9
Patches
Vulnerability mechanics
References
7- bugzilla.gnome.org/show_bug.cginvdIssue TrackingPatch
- lists.debian.org/debian-lts-announce/2017/12/msg00006.htmlnvd
- lists.debian.org/debian-lts-announce/2019/08/msg00013.htmlnvd
- lists.debian.org/debian-lts-announce/2019/08/msg00014.htmlnvd
- seclists.org/bugtraq/2020/Feb/18nvd
- security.gentoo.org/glsa/201804-15nvd
- www.debian.org/security/2020/dsa-4624nvd
News mentions
0No linked articles in our index yet.