[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2012-6076Date: (C)2013-03-15   (M)2024-02-22


Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.4
Exploit Score: 3.4
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
USN-1712-1
http://www.openwall.com/lists/oss-security/2012/12/30/2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654341
https://bugs.launchpad.net/inkscape/+bug/911146
openSUSE-SU-2013:0294
openSUSE-SU-2013:0297

CPE    25
cpe:/a:inkscape:inkscape:0.48:pre1
cpe:/a:inkscape:inkscape:0.44.1
cpe:/a:inkscape:inkscape:0.42.2
cpe:/a:inkscape:inkscape:0.37
...
CWE    1
CWE-264
OVAL    3
oval:org.secpod.oval:def:701155
oval:org.secpod.oval:def:10580
oval:org.secpod.oval:def:10578

© SecPod Technologies