| Vulnerability Name: | CVE-2005-3885 (CCN-21736) | ||||||||
| Assigned: | 2005-08-09 | ||||||||
| Published: | 2005-08-09 | ||||||||
| Updated: | 2018-10-03 | ||||||||
| Summary: | The ps2epsi extension shell script (ps2epsi.sh) in Inkscape before 0.41 allows local users to overwrite arbitrary files via a symlink attack on the tmpepsifile.epsi temporary file. | ||||||||
| CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | File Manipulation | ||||||||
| References: | Source: CONFIRM Type: UNKNOWN http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321501 Source: MITRE Type: CNA CVE-2005-3885 Source: CCN Type: SA16343 Inkscape ps2epsi.sh Insecure Temporary File Creation Source: SECUNIA Type: UNKNOWN 16343 Source: SECUNIA Type: UNKNOWN 17882 Source: SECUNIA Type: UNKNOWN 17886 Source: CCN Type: SourceForge.net Project: Inkscape: Summary Source: DEBIAN Type: UNKNOWN DSA-916 Source: DEBIAN Type: DSA-916 inkscape -- buffer overflow Source: CCN Type: Inkscape Web site Official Releases Source: CCN Type: OSVDB ID: 18636 Inkscape ps2epsi.sh Symlink Arbitrary File Overwrite Source: BID Type: Patch 14522 Source: CCN Type: BID-14522 Inkscape Insecure Temporary File Creation Vulnerability Source: CCN Type: USN-223-1 Inkscape vulnerability Source: XF Type: UNKNOWN inkscape-ps2epsi-symlink(21736) Source: UBUNTU Type: UNKNOWN USN-223-1 | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| Oval Definitions | |||||||||
| |||||||||
| BACK | |||||||||