Bug 11205 - CVE-2007-1463, CVE-2007-1464: inkscape < 0.45.1 vulnerabilities
: CVE-2007-1463, CVE-2007-1464: inkscape < 0.45.1 vulnerabilities
Status: CLOSED FIXED
: Sisyphus
(All bugs in Sisyphus/inkscape)
: unstable
: all Linux
: P2 normal
Assigned To:
:
:
:
:
:
  Show dependency tree
 
Reported: 2007-03-24 19:33 by
Modified: 2007-03-26 01:13 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2007-03-24 19:33:56
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1463
"Format string vulnerability in Inkscape before 0.45.1 allows user-assisted
remote attackers to execute arbitrary code via format string specifiers in a
URI, which is not properly handled by certain dialogs."

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1464
"Format string vulnerability in the whiteboard Jabber protocol in Inkscape
before 0.45.1 allows user-assisted remote attackers to execute arbitrary code
via unspecified vectors."

in Sisyphus 0.45...
------- Comment #1 From 2007-03-25 00:19:25 -------
отправил 0.45.1 в Сизиф