Full title: Evince CBT File Command Injection Exploit 
Category: remote exploits
Platform: unix
This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 when opening comic book `.cbt` files. Some file manager software, such as Nautilus and Atril, may allow automatic exploitation without user interaction due to thumbnailer preview functionality. Note that limited space is available for the payload.

# 0day.today @ http://0day.today/