CVE-2017-1000083

This Metasploit module exploits a command injection vulnerability in Evince before 3.24.1 via a malicious `.cbt` file. It crafts a tar archive with a checkpoint action to execute arbitrary commands when the file is opened.

This exploit leverages a command injection vulnerability in Evince (CVE-2017-1000083) by crafting a malicious .cbt file with a checkpoint action that executes arbitrary commands when opened. The PoC demonstrates RCE via the `--checkpoint-action` parameter in a tar archive.

This Dockerfile sets up a vulnerable environment for CVE-2017-1000083, exploiting a command injection vulnerability in Evince via a crafted CBT file. The exploit triggers arbitrary command execution (e.g., launching Firefox) when the file is opened.

This Dockerfile sets up an environment to exploit CVE-2017-1000083, a vulnerability in Atril and Nautilus involving improper handling of .cbt files. The setup includes vulnerable software (Atril, Nautilus) and a crafted .cbt file (covfefe.tar) to trigger the exploit.

This Metasploit module exploits a command injection vulnerability in Evince before version 3.24.1 by crafting a malicious .cbt file. The exploit leverages the checkpoint-action feature in tar archives to execute arbitrary commands when the file is opened.