5.1
CVE-2005-3737
- EPSS 13.42%
- Veröffentlicht 22.11.2005 00:03:00
- Zuletzt bearbeitet 16.06.2026 22:17:31
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.42% | 0.959 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
http://www.novell.com/linux/security/advisories/2005_28_sr.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330894
http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cpp?r1=1.110&r2=1.110.2.1
http://secunia.com/advisories/17651
http://secunia.com/advisories/17662
http://secunia.com/advisories/17778
http://secunia.com/advisories/17882
http://securityreason.com/securityalert/58
http://www.debian.org/security/2005/dsa-916
http://www.gentoo.org/security/en/glsa/glsa-200511-22.xml
http://www.securityfocus.com/bid/15507
http://www.ubuntulinux.org/usn/usn-217-1
http://www.vupen.com/english/advisories/2005/2511