Vulnerabilities > Inkscape > Inkscape > 0.41
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-03-12 | CVE-2012-6076 | Permissions, Privileges, and Access Controls vulnerability in Inkscape Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts. | 4.4 |
2013-01-18 | CVE-2012-5656 | XXE vulnerability in multiple products The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack. | 5.5 |
2007-03-21 | CVE-2007-1464 | Unspecified vulnerability in Inkscape Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. network inkscape | 6.8 |
2007-03-21 | CVE-2007-1463 | Unspecified vulnerability in Inkscape Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. | 6.8 |
2005-11-29 | CVE-2005-3885 | Unspecified vulnerability in Inkscape 0.41 The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. | 2.1 |
2005-11-22 | CVE-2005-3737 | Buffer Overflow vulnerability in Inkscape SVG Image Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. | 5.1 |