Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2011-3146
Description:librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
Test IDs: 1.3.6.1.4.1.25623.1.0.70212   1.3.6.1.4.1.25623.1.0.70211   1.3.6.1.4.1.25623.1.0.70099   1.3.6.1.4.1.25623.1.0.70327   1.3.6.1.4.1.25623.1.0.70929   1.3.6.1.4.1.25623.1.0.122088   1.3.6.1.4.1.25623.1.0.840742   1.3.6.1.4.1.25623.1.0.863498   1.3.6.1.4.1.25623.1.0.870619   1.3.6.1.4.1.25623.1.0.863925   1.3.6.1.4.1.25623.1.0.863535  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2011-3146
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065730.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/066127.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-September/065739.html
https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/825497
https://bugzilla.redhat.com/show_bug.cgi?id=734936
RedHat Security Advisories: RHSA-2011:1289
http://rhn.redhat.com/errata/RHSA-2011-1289.html
http://secunia.com/advisories/45877




© 1998-2021 E-Soft Inc. All rights reserved.