|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu USN-438-1 (inkscape)|
|Summary:||Ubuntu USN-438-1 (inkscape)|
The remote host is missing an update to inkscape
announced via advisory USN-438-1.
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
A flaw was discovered in Inkscape's use of format strings. If a user
were tricked into opening a specially crafted URI in Inkscape, a remote
attacker could execute arbitrary code with user privileges.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
After a standard system upgrade you need to restart Inkscape or reboot
your computer to effect the necessary changes.
Risk factor : High
Common Vulnerability Exposure (CVE) ID: CVE-2007-1463|
Bugtraq: 20070324 FLEA-2007-0002-1: inkscape (Google Search)
SuSE Security Announcement: SUSE-SR:2007:008 (Google Search)
BugTraq ID: 23070
BugTraq ID: 23138
XForce ISS Database: inkscape-dialogs-format-string(33163)
|Copyright||Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com|
|This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.