Inkscape Client Malicious Jabber Server Format String Vulnerability
BID:23138
Info
Inkscape Client Malicious Jabber Server Format String Vulnerability
| Bugtraq ID: | 23138 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-1464 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 26 2007 12:00AM |
| Updated: | May 17 2007 05:48AM |
| Credit: | Kees Cook reported this issue. |
| Vulnerable: |
rPath rPath Linux 1 Pardus Linux 2007.1 Inkscape Inkscape 0.44 Inkscape Inkscape 0.43 Inkscape Inkscape 0.42 Inkscape Inkscape 0.41 Inkscape Inkscape 0.40 Gentoo Linux Foresight Linux Foresight Linux 1.1 |
| Not Vulnerable: |
Inkscape Inkscape 0.45 |
Discussion
Inkscape Client Malicious Jabber Server Format String Vulnerability
The Inkscape client application is prone to a format-string vulnerability.
This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.
A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application.
The Inkscape client application is prone to a format-string vulnerability.
This issue presents itself because the application fails to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function.
A successful attack may crash the application or possibly lead to arbitrary code execution. This may facilitate unauthorized access or privilege escalation in the context of the user running the application.
Exploit / POC
Inkscape Client Malicious Jabber Server Format String Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Inkscape Client Malicious Jabber Server Format String Vulnerability
Solution:
The vendor has released fixes to address this issue; please see the reference section for details.
Inkscape Inkscape 0.40
Inkscape Inkscape 0.41
Inkscape Inkscape 0.42
Inkscape Inkscape 0.43
Inkscape Inkscape 0.44
Solution:
The vendor has released fixes to address this issue; please see the reference section for details.
Inkscape Inkscape 0.40
-
Inkscape inkscape-0.45.1.tar.gz
http://downloads.sourceforge.net/inkscape/inkscape-0.45.1.tar.gz
Inkscape Inkscape 0.41
-
Inkscape inkscape-0.45.1.tar.gz
http://downloads.sourceforge.net/inkscape/inkscape-0.45.1.tar.gz
Inkscape Inkscape 0.42
-
Inkscape inkscape-0.45.1.tar.gz
http://downloads.sourceforge.net/inkscape/inkscape-0.45.1.tar.gz
Inkscape Inkscape 0.43
-
Inkscape inkscape-0.45.1.tar.gz
http://downloads.sourceforge.net/inkscape/inkscape-0.45.1.tar.gz
Inkscape Inkscape 0.44
-
Inkscape inkscape-0.45.1.tar.gz
http://downloads.sourceforge.net/inkscape/inkscape-0.45.1.tar.gz
References
Inkscape Client Malicious Jabber Server Format String Vulnerability
References:
References:
- inkscape remote arbitrary code execution CVE-2007-146{3,4} (Foresight Linux)
- Vendor Homepage (Inkscape)
- FLEA-2007-0002-1: inkscape (Foresight Linux Essential Announcement Service