Submission + - "Bad Taste" vulnerability in GNOME: VBscript injection 1

Submitted by KiloByte on Tuesday July 18, 2017 @04:19PM

KiloByte writes: A new vulnerability, named "Bad Taste, allows arbitrary code execution via the GNOME thumbnailer if you make any GNOME component that displays file icons see a crafted .msi file in a directory you're browsing.

The vulnerability can be triggered only if you have Wine installed, but it comes as no fault of the latter: GNOME misparses file names into a well-formed VBscript invocation.

This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

"Bad Taste" vulnerability in GNOME: VBscript injection

Load All Comments

Search 1 Comments Log In/Create an Account

Comments Filter:

I don't usually upvote Stupid Name vulns, ... (Score:2)

by thegreatbob ( 693104 ) writes:

... but when I do, it's because they seem legitimately entertaining.

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

If you teach your children to like computers and to know how to gamble then they'll always be interested in something and won't come to no real harm.

Submission + - "Bad Taste" vulnerability in GNOME: VBscript injection 1

"Bad Taste" vulnerability in GNOME: VBscript injection More Login

"Bad Taste" vulnerability in GNOME: VBscript injection

I don't usually upvote Stupid Name vulns, ... (Score:2)

Slashdot Top Deals

Slashdot