CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-9149

HIGH
7.5
CVSS Severity Score
EPSS Score0.1690%
EPSS Percentile15.75th
Published2017年5月22日
Last Modified2026年5月13日

Vulnerability Description

Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted.

Affected Platforms (CPE)

📦
Metadata Anonymisation Toolkit Project

Metadata Anonymisation Toolkit

= 0.6
📦
Metadata Anonymisation Toolkit Project

Metadata Anonymisation Toolkit

= 0.6.1

References & Advisories

🔗 https://0xacab.org/mat/mat/commit/8f6303a1f26fe8dad83ba96ab8328dbdfa3af59a
🔗 https://0xacab.org/mat/mat/commit/94ca62a429bb6a3a5f293de26053e54bbfeea9f9
🔗 https://0xacab.org/mat/mat/issues/11527
🔗 https://bugs.debian.org/858058
🔗 https://0xacab.org/mat/mat/commit/8f6303a1f26fe8dad83ba96ab8328dbdfa3af59a
🔗 https://0xacab.org/mat/mat/commit/94ca62a429bb6a3a5f293de26053e54bbfeea9f9
🔗 https://0xacab.org/mat/mat/issues/11527
🔗 https://bugs.debian.org/858058

相關漏洞威脅

CVE-2017-379110.0

A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication ...

CVE-2017-514510.0

An issue was discovered in Carlo Gavazzi VMU-C EM prior to firmware Version A11_U05, and VMU-C PV prior to firmware Version A17. S...

CVE-2017-332410.0

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Primavera Products Suite (subcompone...

CVE-2017-278510.0

An exploitable buffer overflow exists in the psnotifyd application of the Pharos PopUp printer client version 9.0. A specially cra...