Arbitrary Command Execution in Shutter through 0.93.1 via Crafted Image Name

Arbitrary Command Execution in Shutter through 0.93.1 via Crafted Image Name

CVE-2016-10081 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a "Run a plugin" action.

Learn more about our User Device Pen Test.