Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » SUSE-2013:7380

Overview

Id SUSE-2013:7380
Name Novell SUSE 2013:7380 inkscape security update for SLED 11 SP2 i586
Vendor Name novell
Product None
Content Type Critical Critical
Language(s)
Operating System(s) Linux 
Released On 20 Feb 2013 12:00:00

SUSE-2013:7380

Novell SUSE 2013:7380 inkscape security update for SLED 11 SP2 i586

Vendor Name

novell

Product

None

Released On

20 Feb 2013 12:00:00

Url

http://www.novell.com/support/search.do?usemicrosite=true&searchString=3665fd73e37c0c781853b6cda2d6e0de

Description

LSAC(v2)
inkscape was updated to fix a XXE (Xml eXternal Entity) attack during rasterization of SVG images (CVE-2012-5656), where the rendering of malicious SVG images could have connected from inkscape to internal hosts. Also inkscape would have loaded .EPS files from untrusted /tmp occasionaly instead from the current directory. (CVE-2012-6076) Security Issue references: * CVE-2012-6076 * CVE-2012-5656

Related Resources

Related Vulnerabilities

None

Related Patches

Superseded Patches

None


Last Updated: 27 May 2016 11:16:44