Inkscape 0.41/0.42 - '.SVG' Image Buffer Overflow

EDB-ID:

26540




Platform:

Linux

Date:

2005-11-21


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/15507/info

Inkscape is prone to a buffer overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data before copying it into a finite sized buffer.

When the application processes a malformed SVG image file, it results in a buffer overflow. An attacker can exploit this vulnerability to execute arbitrary code in the context of the victim user. 

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/26540.svg