Vulnerability   
Search   
    Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2005.223.1
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-223-1)
Summary:The remote host is missing an update for the 'inkscape' package(s) announced via the USN-223-1 advisory.
Description:Summary:
The remote host is missing an update for the 'inkscape' package(s) announced via the USN-223-1 advisory.

Vulnerability Insight:
Javier Fernandez-Sanguino Pena discovered that Inkscape's ps2epsi.sh
script, which converts PostScript files to Encapsulated PostScript
format, creates a temporary file in an insecure way. A local attacker
could exploit this with a symlink attack to create or overwrite
arbitrary files with the privileges of the user running Inkscape.

Affected Software/OS:
'inkscape' package(s) on Ubuntu 5.04.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2005-3885
BugTraq ID: 14522
http://www.securityfocus.com/bid/14522
Debian Security Information: DSA-916 (Google Search)
http://www.debian.org/security/2005/dsa-916
http://secunia.com/advisories/16343
http://secunia.com/advisories/17882
http://secunia.com/advisories/17886
https://usn.ubuntu.com/223-1/
CopyrightCopyright (C) 2022 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2025 E-Soft Inc. All rights reserved.