Full title: ExifTool DjVu ANT Perl Injection Exploit 
Category: local exploits
Platform: unix
This Metasploit module exploits a Perl injection vulnerability in the DjVu ANT parsing code of ExifTool versions 7.44 through 12.23 inclusive. The injection is used to execute a shell command using Perl backticks. The DjVu image can be embedded in a wrapper image using the HasselbladExif EXIF field.

# 0day.today @ http://0day.today/