CVE-2023-44452 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2023-44452 Interim 1 6 2025-10-05T00:41:46Z current 2023-12-22T00:09:21Z 2025-10-05T00:41:46Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2023-44452 Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBT files. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22132. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Tumbleweed libxreaderdocument3-4.0.2-1.1 libxreaderview3-4.0.2-1.1 typelib-1_0-XreaderDocument-1_5-4.0.2-1.1 typelib-1_0-XreaderView-1_5-4.0.2-1.1 xreader-4.0.2-1.1 xreader-devel-4.0.2-1.1 xreader-lang-4.0.2-1.1 xreader-plugin-comicsdocument-4.0.2-1.1 xreader-plugin-djvudocument-4.0.2-1.1 xreader-plugin-dvidocument-4.0.2-1.1 xreader-plugin-epubdocument-4.0.2-1.1 xreader-plugin-pdfdocument-4.0.2-1.1 xreader-plugin-pixbufdocument-4.0.2-1.1 xreader-plugin-psdocument-4.0.2-1.1 xreader-plugin-tiffdocument-4.0.2-1.1 xreader-plugin-xpsdocument-4.0.2-1.1 libxreaderdocument3-4.0.2-1.1 as a component of openSUSE Tumbleweed libxreaderview3-4.0.2-1.1 as a component of openSUSE Tumbleweed typelib-1_0-XreaderDocument-1_5-4.0.2-1.1 as a component of openSUSE Tumbleweed typelib-1_0-XreaderView-1_5-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-devel-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-lang-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-comicsdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-djvudocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-dvidocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-epubdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-pdfdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-pixbufdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-psdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-tiffdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed xreader-plugin-xpsdocument-4.0.2-1.1 as a component of openSUSE Tumbleweed Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Mint Xreader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CBT files. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22132. CVE-2023-44452 openSUSE Tumbleweed:libxreaderdocument3-4.0.2-1.1 openSUSE Tumbleweed:libxreaderview3-4.0.2-1.1 openSUSE Tumbleweed:typelib-1_0-XreaderDocument-1_5-4.0.2-1.1 openSUSE Tumbleweed:typelib-1_0-XreaderView-1_5-4.0.2-1.1 openSUSE Tumbleweed:xreader-4.0.2-1.1 openSUSE Tumbleweed:xreader-devel-4.0.2-1.1 openSUSE Tumbleweed:xreader-lang-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-comicsdocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-djvudocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-dvidocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-epubdocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-pdfdocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-pixbufdocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-psdocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-tiffdocument-4.0.2-1.1 openSUSE Tumbleweed:xreader-plugin-xpsdocument-4.0.2-1.1 important 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H