CVE-2005-3737

NONE EPSS 96.0%
Published Nov 22, 200520y ago · Modified Jun 16, 20262w ago
Find Similar
Published Nov 22, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.

Threat Intelligence

EPSS Exploit Probability
96.0% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Affected Products 4

VendorProductVersionRange
inkscapeinkscape0.41any
inkscapeinkscape0.42any
inkscapeinkscape0.42.1any
inkscapeinkscape0.42.2any

References 13

  • bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330894
  • cvs.sourceforge.net http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cpp?r1=1.110&r2=1.110.2.1
  • secunia.com http://secunia.com/advisories/17651
    Vendor Advisory
  • secunia.com http://secunia.com/advisories/17662
    PatchVendor Advisory
  • secunia.com http://secunia.com/advisories/17778
  • secunia.com http://secunia.com/advisories/17882
  • securityreason.com http://securityreason.com/securityalert/58
  • debian.org http://www.debian.org/security/2005/dsa-916
  • gentoo.org http://www.gentoo.org/security/en/glsa/glsa-200511-22.xml
  • novell.com http://www.novell.com/linux/security/advisories/2005_28_sr.html
  • securityfocus.com http://www.securityfocus.com/bid/15507
    ExploitPatch
  • ubuntulinux.org http://www.ubuntulinux.org/usn/usn-217-1
  • vupen.com http://www.vupen.com/english/advisories/2005/2511

Remediation