VYPR

rpm package

suse/nautilus&distro=SUSE Linux Enterprise Desktop 12 SP3

pkg:rpm/suse/nautilus&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3

Vulnerabilities (1)

  • CVE-2017-14604MedSep 20, 2017
    affected < 3.20.3-23.3.14fixed 3.20.3-23.3.14

    GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus prov