Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Inkscape reads .eps files from /tmp instead of the current directory
From: Kurt Seifried <kseifried () redhat com>
Date: Sat, 29 Dec 2012 20:28:08 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/29/2012 03:31 AM, Salvatore Bonaccorso wrote:
Hi

Going trough some bugreports in Debian I noticed [1], [2] I
haven't found a CVE for "Inkscape reads .eps files from /tmp
instead of the current directory".

If one has file foo.eps in current directory, and /tmp/foo.eps is 
present

$ inkscape foo.eps

opens the copy in /tmp/foo.eps

Does this warrants a CVE? If so could you assign one?

Yes, please use CVE-2012-6076 for this issue. Relying on file names to
be not guessed so mystery content isn't opened up is not such a good
thing.

[1]: http://bugs.debian.org/654341 [2]:
https://bugs.launchpad.net/inkscape/+bug/911146

Regards, Salvatore




- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ37TIAAoJEBYNRVNeJnmTXAgQAMdcyZMVT4Kfz+ERKIRAC+vc
gzaDlCxW0+fVhNDYWczAb8ZY48XfoJATlGZWovKrGJNhvkQn1UV9JY6LdeY9Zexm
xIvc2HLYGQdZxaQWk+1p1pya22cXSRV2dFdPsL+bO47myOQX27AKP6utNGKYwfew
jEre2B3C81pAnaj0+beDMZZZgKbl1HqNMnu84k6kBrMpbdwwAKVje5MQXKBQbURh
SZKd4A/IMoSfkaRkc4SF7g/0v/+xf4OB7TRF3ekXUwCh75T0fwX84WVU48Z/0b4i
Jvl3kiFy5aGO46vJGktXzJDkfxSXYE9g4FYnD3xrIPm04MbtzZdoS+ecjUNFVc++
hD0ujicLKFDGsi/7eFjavHa2f5u9ZUn0l94Jq4U+zacuZTv6MbZLRDzo0ZNZTVjp
27XGyLWWt/k4k441JzXyUb/NGoF1tMmMuffViyT9kp8ycUKBE4JtMuuIIvK3Nh74
mzyMi0jBZn/a0FQcRfaOrCeT/tyyAkDKzm+OwBIx2OlpamrnS6A6a9szgEae9xop
tM0LpdJPk6MMbZUQnNVqcltNN4+eGOr90j58GMa6NjqYXs7vinx0w6z+rxLNX8XW
HL7r6sQu0w5pc5s0hPBlIDK8TjSrGCUVEPIzY0/yVOTS3ZjcRHQdQKLCERjgpSg6
4TJCxh6q9rAlIly/5cI6
=Fy2c
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault