CVE-2012-6076
NONE EPSS 38.5%
Published Mar 12, 201313y ago · Modified Jun 16, 20262w ago
Published Mar 12, 2013 13y ago
Last Modified Jun 16, 2026 2w ago
Description
Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.
Threat Intelligence
EPSS Exploit Probability
38.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-264
Affected Products 25
| Vendor | Product | Version | Range |
|---|---|---|---|
| inkscape | inkscape | * | ≤0.48.3.1 |
| inkscape | inkscape | 0.37 | any |
| inkscape | inkscape | 0.38.1 | any |
| inkscape | inkscape | 0.39 | any |
| inkscape | inkscape | 0.40 | any |
| inkscape | inkscape | 0.41 | any |
| inkscape | inkscape | 0.42 | any |
| inkscape | inkscape | 0.42.2 | any |
| inkscape | inkscape | 0.43 | any |
| inkscape | inkscape | 0.44 | any |
| inkscape | inkscape | 0.44.1 | any |
| inkscape | inkscape | 0.45.1 | any |
| inkscape | inkscape | 0.46 | any |
| inkscape | inkscape | 0.47 | any |
| inkscape | inkscape | 0.47 | any |
| inkscape | inkscape | 0.47 | any |
| inkscape | inkscape | 0.47 | any |
| inkscape | inkscape | 0.47 | any |
| inkscape | inkscape | 0.47 | any |
| inkscape | inkscape | 0.48 | any |
| inkscape | inkscape | 0.48 | any |
| inkscape | inkscape | 0.48 | any |
| inkscape | inkscape | 0.48.1 | any |
| inkscape | inkscape | 0.48.2 | any |
| inkscape | inkscape | 0.48.3 | any |
References 6
- bugs.debian.org http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654341
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-02/msg00041.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2013-02/msg00043.html
- openwall.com http://www.openwall.com/lists/oss-security/2012/12/30/2
- ubuntu.com http://www.ubuntu.com/usn/USN-1712-1
- bugs.launchpad.net https://bugs.launchpad.net/inkscape/+bug/911146
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.