FreeBSD : evince and atril -- command injection vulnerability in CBT handler (01a197ca-67f1-11e7-a266-28924a333806)
Medium Nessus Plugin ID 102687
The remote FreeBSD host is missing one or more security-related updates.
GNOME reports : The comic book backend in evince 3.24.0 (and earlier) is vulnerable to a command injection bug that can be used to execute arbitrary commands when a CBT file is opened. The same vulnerability affects atril, the Evince fork.