{"id":"CVE-2016-10081","details":"/usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that is mishandled during a \"Run a plugin\" action.","modified":"2026-04-16T06:23:49.070072294Z","published":"2016-12-29T18:59:00.223Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/95351"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QG54GTU45KBIQJLU4WREG4G4JJEUTEJ/"},{"type":"WEB","url":"https://www.exploit-db.com/exploits/41435/"},{"type":"REPORT","url":"https://bugs.launchpad.net/shutter/+bug/1652600"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"0.93.1"}]},{"events":[{"introduced":"0"},{"last_affected":"0.93.1"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10081.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}