CVSS: 6.8EPSS: 11%CPEs: 1EXPL: 0CVE-2007-1464
https://notcve.org/view.php?id=CVE-2007-1464
Format string vulnerability in the whiteboard Jabber protocol in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de formato de cadena en el protocolo whiteboard Jabber del Inkscape anterior al 0.45.1 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante vectores sin especificar. • http://secunia.com/advisories/24615 http://secunia.com/advisories/24661 http://secunia.com/advisories/24859 http://secunia.com/advisories/25072 http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106 http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml http://www.novell.com/linux/security/advisories/2007_8_sr.html http://www.securityfocus.com/archive/1/463710/100/0/threaded http://www.securityfocus.com/bid/23138 http://www.vupen.com/english/ •
CVSS: 6.8EPSS: 17%CPEs: 11EXPL: 0CVE-2007-1463
https://notcve.org/view.php?id=CVE-2007-1463
Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs. Vulnerabilidad en el formato de cadena en el Inkscape anterior al 0.45.1 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante especificadores del formato de cadena en una URI,lo que no es manejado correctamente mediante ciertos diálogos. • http://secunia.com/advisories/24584 http://secunia.com/advisories/24597 http://secunia.com/advisories/24615 http://secunia.com/advisories/24661 http://secunia.com/advisories/24859 http://secunia.com/advisories/25072 http://sourceforge.net/project/shownotes.php?group_id=93438&release_id=495106 http://www.gentoo.org/security/en/glsa/glsa-200704-10.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:069 http://www.novell.com/linux/security/advisories/2007_8_sr.html h •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3885
https://notcve.org/view.php?id=CVE-2005-3885
The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321501 http://secunia.com/advisories/16343 http://secunia.com/advisories/17882 http://secunia.com/advisories/17886 http://www.debian.org/security/2005/dsa-916 http://www.securityfocus.com/bid/14522 https://usn.ubuntu.com/223-1 •
CVSS: 5.1EPSS: 21%CPEs: 4EXPL: 2CVE-2005-3737 – Inkscape 0.41/0.42 - '.SVG' Image Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-3737
Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. Desbordamiento de búfer en el importador SVG (style.cpp) de inkscape 0.41 a 0.42.2 podría permitir a atacantes remotos ejecutar código de su elección importando un fichero SVG malicioso con valores de hoja de estilos CSS largos. • https://www.exploit-db.com/exploits/26540 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330894 http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cpp?r1=1.110&r2=1.110.2.1 http://secunia.com/advisories/17651 http://secunia.com/advisories/17662 http://secunia.com/advisories/17778 http://secunia.com/advisories/17882 http://securityreason.com/securityalert/58 http://www.debian.org/security/2005/dsa-916 http://www.gentoo.org/security/en/glsa/glsa-2 •