Vulnerabilities in various GTK-based PDF readers
6 hours ago
- #GTK
- #Exploit
- A script builds polyglot PDFs that are both valid PDF files and ELF binaries.
- Clicking a malicious link in the PDF exploits a command injection to load the PDF as a GTK module via `--gtk-module`.
- This executes arbitrary code through the library constructor.
- GTK 4 removed the flag, reducing severity for Papers but affecting Evince, Atril, and Xreader.