2017-10-16 12:31:07 -04:00
{
2019-03-18 03:04:45 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "secalert@redhat.com" ,
"ID" : "CVE-2012-5656" ,
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a" ,
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
} ,
"vendor_name" : "n/a"
}
]
}
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2017-10-16 12:31:07 -04:00
{
2019-03-18 03:04:45 +00:00
"lang" : "eng" ,
"value" : "The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack."
2017-10-16 12:31:07 -04:00
}
2019-03-18 03:04:45 +00:00
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "n/a"
}
]
}
]
} ,
"references" : {
"reference_data" : [
{
"name" : "[oss-security] 20121219 Re: CVE request: Inkscape fixes a XXE vulnerability during rasterization of SVG images" ,
"refsource" : "MLIST" ,
"url" : "http://www.openwall.com/lists/oss-security/2012/12/20/3"
} ,
{
"name" : "FEDORA-2012-20620" ,
"refsource" : "FEDORA" ,
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095380.html"
} ,
{
"name" : "http://bazaar.launchpad.net/~inkscape.dev/inkscape/trunk/revision/11931" ,
"refsource" : "CONFIRM" ,
"url" : "http://bazaar.launchpad.net/~inkscape.dev/inkscape/trunk/revision/11931"
} ,
{
"name" : "USN-1712-1" ,
"refsource" : "UBUNTU" ,
"url" : "http://www.ubuntu.com/usn/USN-1712-1"
} ,
{
"name" : "https://launchpad.net/inkscape/+milestone/0.48.4" ,
"refsource" : "CONFIRM" ,
"url" : "https://launchpad.net/inkscape/+milestone/0.48.4"
} ,
{
"name" : "56965" ,
"refsource" : "BID" ,
"url" : "http://www.securityfocus.com/bid/56965"
} ,
{
"name" : "https://bugs.launchpad.net/inkscape/+bug/1025185" ,
"refsource" : "CONFIRM" ,
"url" : "https://bugs.launchpad.net/inkscape/+bug/1025185"
} ,
{
"name" : "FEDORA-2012-20621" ,
"refsource" : "FEDORA" ,
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2013-January/095398.html"
} ,
{
"name" : "openSUSE-SU-2013:0294" ,
"refsource" : "SUSE" ,
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00041.html"
} ,
{
"name" : "openSUSE-SU-2013:0297" ,
"refsource" : "SUSE" ,
"url" : "http://lists.opensuse.org/opensuse-updates/2013-02/msg00043.html"
} ,
{
"name" : "FEDORA-2012-20643" ,
"refsource" : "FEDORA" ,
"url" : "http://lists.fedoraproject.org/pipermail/package-announce/2012-December/095024.html"
}
]
}
}