CVE-2007-1463

Related Files

Gentoo Linux Security Advisory 200704-10

Posted Apr 17, 2007

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200704-10 - Kees Cook has discovered two vulnerabilities in Inkscape. The application does not properly handle format string specifiers in some dialog boxes. Inkscape is also vulnerable to another format string error in its Jabber whiteboard protocol. Versions less than 0.45.1 are affected.

tags | advisory, vulnerability, protocol

systems | linux, gentoo

advisories | CVE-2007-1463, CVE-2007-1464

SHA-256 | 86a76b321bf3aa5d24fec6730c05e55ad02b27f30a4bf14f46554cede7aa949d

Download | Favorite | View

Mandriva Linux Security Advisory 2007.069

Posted Mar 24, 2007

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Format string vulnerability in Inkscape before 0.45.1 allows user-assisted remote attackers to execute arbitrary code via format string specifiers in a URI, which is not properly handled by certain dialogs.

tags | advisory, remote, arbitrary

systems | linux, mandriva

advisories | CVE-2007-1463

SHA-256 | 4f62b3eb1cb4026205e69534e90bbacb7ac28fc6d2861ee53df14c830e1f91a7

Download | Favorite | View

Ubuntu Security Notice 438-1

Posted Mar 21, 2007

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 438-1 - A flaw was discovered in Inkscape's use of format strings. If a user were tricked into opening a specially crafted URI in Inkscape, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary

systems | linux, ubuntu

advisories | CVE-2007-1463

SHA-256 | f2b35298e2a943b4dc3c48ea468c2918ffe8accf76da0789c798e4f16ccd8b51

Download | Favorite | View