CVE-2005-3737 – Inkscape 0.41/0.42 - '.SVG' Image Buffer Overflow

https://notcve.org/view.php?id=CVE-2005-3737

Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values. Desbordamiento de búfer en el importador SVG (style.cpp) de inkscape 0.41 a 0.42.2 podría permitir a atacantes remotos ejecutar código de su elección importando un fichero SVG malicioso con valores de hoja de estilos CSS largos. • https://www.exploit-db.com/exploits/26540 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330894 http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cpp?r1=1.110&r2=1.110.2.1 http://secunia.com/advisories/17651 http://secunia.com/advisories/17662 http://secunia.com/advisories/17778 http://secunia.com/advisories/17882 http://securityreason.com/securityalert/58 http://www.debian.org/security/2005/dsa-916 http://www.gentoo.org/security/en/glsa/glsa-2 •