Date: Mon, 17 Dec 2012 21:27:39 +0100
From: Nicolas Grégoire <>
Subject: CVE request: Inkscape fixes an XXE vulnerability during rasterization of SVG images

Inkscape is vulnerable to XXE attacks during rasterization/export of SVG.

The impact of this vulnerability ranges from denial of service to file
disclosure. Under Windows, it can also be used to steal LM/NTLM hashes.

During rasterization, entities declared in the DTD are dereferenced and
the content of the target file is included in the output. Command-line
used: "inkscape -e xxe-inkscape.png xxe.svg" (PoC files are attached to
the ticket).

CWE-827: Improper Control of Document Type Definition

Nicolas Grégoire
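As an added defender-side check (not Inkscape's code and not the PoC attached to the ticket): a pre-screen that parses an SVG with expat without resolving anything and reports the DTD constructs that would make a rasterizer dereference external resources (external entity declarations, an external DTD subset, parameter entities), while letting harmless internal-subset entities through. Both sample documents are constructed.

```python
import xml.parsers.expat

# Constructed samples, not the files from the Inkscape ticket.
# 1) A DTD declaring an external general entity that is referenced in content.
UNSAFE_SVG = b"""<?xml version="1.0"?>
<!DOCTYPE svg [ <!ENTITY ext SYSTEM "file:///tmp/constructed-sample.txt"> ]>
<svg xmlns="http://www.w3.org/2000/svg"><text x="5" y="15">&ext;</text></svg>"""
# 2) A benign internal-subset entity of the kind some authoring tools emit.
SAFE_SVG = b"""<?xml version="1.0"?>
<!DOCTYPE svg [ <!ENTITY ns_svg "http://www.w3.org/2000/svg"> ]>
<svg xmlns="&ns_svg;"><rect width="10" height="10"/></svg>"""


def find_xxe_risks(svg_bytes):
    """Return a list of findings; [] means nothing in the DTD would make a
    renderer read a local file or fetch a remote resource."""
    findings = []
    p = xml.parsers.expat.ParserCreate()
    # Never let expat itself expand parameter entities or load external DTDs.
    p.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # An external DTD subset is a fetch the rasterizer may perform.
        if sysid or pubid:
            findings.append("external DTD subset: %s" % (sysid or pubid))

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        if sysid is not None or pubid is not None:
            findings.append("external entity &%s; -> %s" % (name, sysid or pubid))
        elif is_param:
            findings.append("parameter entity %%%s;" % name)

    def on_external_ref(context, base, sysid, pubid):
        findings.append("content dereferences external entity: %s" % sysid)
        return 1  # keep parsing; nothing is fetched here

    p.StartDoctypeDeclHandler = on_doctype
    p.EntityDeclHandler = on_entity
    p.ExternalEntityRefHandler = on_external_ref
    try:
        p.Parse(svg_bytes, True)
    except xml.parsers.expat.ExpatError as exc:
        findings.append("malformed XML: %s" % exc)
    return findings


def is_safe_to_rasterize(svg_bytes):
    return not find_xxe_risks(svg_bytes)


if __name__ == "__main__":
    for label, doc in (("unsafe", UNSAFE_SVG), ("safe", SAFE_SVG)):
        print(label, find_xxe_risks(doc))
```

Run it in front of the export step and refuse the input when the list is non-empty; it is a screen, not a replacement for the upstream fix.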
