Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2017-14604

Published: 20/09/2017 Updated: 18/08/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Gnome

Vulnerability Summary

GNOME Nautilus prior to 3.23.90 allows malicious users to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus provides no UI indication that a file actually has the potentially unsafe .desktop extension; instead, the UI only shows the .pdf extension. One (slightly) mitigating factor is that an attack requires the .desktop file to have execute permission. The solution is to ask the user to confirm that the file is supposed to be treated as a .desktop file, and then remember the user's answer in the metadata::trusted field.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gnome nautilus

debian debian linux 8.0

debian debian linux 9.0

debian debian linux 10.0

Vendor Advisories

Red Hat: Moderate: nautilus security update
Synopsis Moderate: nautilus security update Type/Severity Security Advisory: Moderate Topic An update for nautilus is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...
Debian CVElist Bug Report Logs: nautilus: CVE-2017-14604: .desktop files can hide malware in Nautilus
Debian Bug report logs - #860268 nautilus: CVE-2017-14604: desktop files can hide malware in Nautilus Package: nautilus; Maintainer for nautilus is Debian GNOME Maintainers <pkg-gnome-maintainers@listsaliothdebianorg>; Source for nautilus is src:nautilus (PTS, buildd, popcon) Reported by: Micah Lee <micah@micahfleeco ...
Amazon Linux 2: ALAS2-2018-960
Insufficient validation of trust of desktop files with execute permissionAn untrusted desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user An attacker could use this flaw to trick a user into opening a desktop file disguised as a document, such as a PD ...
Red Hat: CVE-2017-14604
An untrusted desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user An attacker could use this flaw to trick a user into opening a desktop file disguised as a document, such as a PDF, and execute arbitrary commands ...

References

CWE-20https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/https://github.com/GNOME/nautilus/commit/bc919205bf774f6af3fa7154506c46039af5a69bhttps://github.com/GNOME/nautilus/commit/1630f53481f445ada0a455e9979236d31a8d3bb0https://github.com/freedomofpress/securedrop/issues/2238https://bugzilla.gnome.org/show_bug.cgi?id=777991https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860268http://www.securityfocus.com/bid/101012http://www.debian.org/security/2017/dsa-3994https://access.redhat.com/errata/RHSA-2018:0223https://access.redhat.com/errata/RHSA-2018:0223https://nvd.nist.govhttps://alas.aws.amazon.com/AL2/ALAS-2018-960.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook