CVE-2012-6076

Severity

44%

Complexity

34%

Confidentiality

106%

Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.

Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.

CVSS 2.0 Base Score 4.4. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:P/I:P/A:P).

Overview

Type

inkscape

First reported 11 years ago

2013-03-12 22:55:00

Last updated 11 years ago

2013-03-18 04:00:00

Affected Software

inkscape 0.37

0.37

inkscape 0.38.1

0.38.1

inkscape 0.39

0.39

inkscape 0.40

0.40

inkscape 0.41

0.41

inkscape 0.42

0.42

inkscape 0.42.2

0.42.2

inkscape 0.43

0.43

inkscape 0.44

0.44

inkscape 0.44.1

0.44.1

inkscape 0.45.1

0.45.1

inkscape 0.46

0.46

inkscape 0.47

0.47

inkscape 0.47pre0

0.47

inkscape 0.47pre1

0.47

inkscape 0.47pre2

0.47

inkscape 0.47pre3

0.47

inkscape 0.47pre4

0.47

inkscape 0.48

0.48

inkscape 0.48pre0

0.48

inkscape 0.48pre1

0.48

inkscape 0.48.1

0.48.1

inkscape 0.48.2

0.48.2

inkscape 0.48.3

0.48.3

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654341

openSUSE-SU-2013:0294

openSUSE-SU-2013:0297

[oss-security] 20121229 Re: Inkscape reads .eps files from /tmp instead of the current directory

USN-1712-1

https://bugs.launchpad.net/inkscape/+bug/911146

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.