Vulnerability in Inkscape
CVE-2007-1463
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.
EPSS: 0.034 (87.2th percentile) — read the EPSS interpretation.
Affected products
- Inkscape — versions 0.40, 0.41, 0.42
- Ubuntu Ubuntu_linux — versions 5.10, 6.06, 6.06_lts
- N/a — versions n/a
References
- security@ubuntu.com (vdb-entry, x_refsource_XF)
- security@ubuntu.com (x_refsource_SECUNIA, third-party-advisory)
- security@ubuntu.com (x_refsource_SECUNIA, third-party-advisory)
- security@ubuntu.com (x_refsource_SECUNIA, third-party-advisory)
- security@ubuntu.com (x_refsource_SECUNIA, third-party-advisory)
- security@ubuntu.com (vdb-entry, x_refsource_BID)
- security@ubuntu.com (vendor-advisory, x_refsource_GENTOO)
- security@ubuntu.com (x_refsource_SECUNIA, third-party-advisory)
- security@ubuntu.com (x_refsource_CONFIRM)
- security@ubuntu.com (vdb-entry, x_refsource_VUPEN)