LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

inkscape: denial of service

Package(s):inkscape CVE #(s):CVE-2012-5656
Created:January 7, 2013 Updated:February 14, 2013
Description: From the Red Hat bugzilla:

An XML eXternal Entity (XXE) flaw was found in the way Inkscape, a vector-based drawing program using SVG as its native file format performed rasterization of certain SVG images. A remote attacker could provide a specially-crafted SVG image that, when opened in inkscape would lead to arbitrary local file disclosure or denial of service.

Alerts:
Fedora FEDORA-2012-20620 2013-01-05
Fedora FEDORA-2012-20621 2013-01-05
Mageia MGASA-2013-0006 2013-01-14
Ubuntu USN-1712-1 2013-01-30
openSUSE openSUSE-SU-2013:0294-1 2013-02-14
openSUSE openSUSE-SU-2013:0297-1 2013-02-15
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds