CVE-2012-5656

描述

The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.

受影響套件(1)

• Debian/inkscapefrom 0, < 0.48.3.1-1.2

CVSS 分數

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-5656