Vulnerability Details : CVE-2012-6076
Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.
Products affected by CVE-2012-6076
- cpe:2.3:a:inkscape:inkscape:*:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.42.2:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.41:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.42:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.44:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.40:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.43:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.48:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.48:pre1:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.46:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.45.1:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.39:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.48:pre0:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.47:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.47:pre4:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.44.1:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.38.1:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.37:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.48.2:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.48.1:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.47:pre1:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.47:pre0:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.48.3:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.47:pre3:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.47:pre2:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2012-6076
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-6076
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.4
|
MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P |
3.4
|
6.4
|
NIST |
CWE ids for CVE-2012-6076
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-6076
-
https://bugs.launchpad.net/inkscape/+bug/911146
Bug #911146 “Inkscape reads .eps files from /tmp instead of the ...” : Bugs : Inkscape
-
http://www.ubuntu.com/usn/USN-1712-1
USN-1712-1: Inkscape vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-updates/2013-02/msg00041.html
openSUSE-SU-2013:0294-1: moderate: inkscape: two security fixes
-
http://lists.opensuse.org/opensuse-updates/2013-02/msg00043.html
openSUSE-SU-2013:0297-1: moderate: inkscape: two security fixes
-
http://www.openwall.com/lists/oss-security/2012/12/30/2
oss-security - Re: Inkscape reads .eps files from /tmp instead of the current directory
-
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654341
#654341 - [CVE-2012-6076] inkscape reads .eps files from /tmp instead of the current directory - Debian Bug report logs
Jump to