Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6076

Overview

Vulnerability Score 4.4 4.4
CVE Id CVE-2012-6076
Last Modified 18 Mar 2013 12:00:00
Published 12 Mar 2013 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-6076

Summary

Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.

Vulnerable Systems

Application

  • Inkscape 0.37

  • Inkscape 0.38.1

  • Inkscape 0.39

  • Inkscape 0.40

  • Inkscape 0.41

  • Inkscape 0.42

  • Inkscape 0.42.2

  • Inkscape 0.43

  • Inkscape 0.44

  • Inkscape 0.44.1

  • Inkscape 0.45.1

  • Inkscape 0.46

  • Inkscape 0.47

  • Inkscape 0.48

  • Inkscape 0.48.1

  • Inkscape 0.48.2

  • Inkscape 0.48.3

  • Inkscape 0.48.3.1


References

CONFIRM - https://bugs.launchpad.net/inkscape/+bug/911146

UBUNTU - USN-1712-1

MLIST - [oss-security] 20121229 Re: Inkscape reads .eps files from /tmp instead of the current directory

SUSE - openSUSE-SU-2013:0297

SUSE - openSUSE-SU-2013:0294

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654341


Last Updated: 27 May 2016 11:02:03