CVE-2012-6076

Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts.

Affected Software

Name	Vendor	Start Version	End Version
Inkscape	Inkscape	*	0.48.3.1 (including)
Inkscape	Inkscape	0.37 (including)	0.37 (including)
Inkscape	Inkscape	0.38.1 (including)	0.38.1 (including)
Inkscape	Inkscape	0.39 (including)	0.39 (including)
Inkscape	Inkscape	0.40 (including)	0.40 (including)
Inkscape	Inkscape	0.41 (including)	0.41 (including)
Inkscape	Inkscape	0.42 (including)	0.42 (including)
Inkscape	Inkscape	0.42.2 (including)	0.42.2 (including)
Inkscape	Inkscape	0.43 (including)	0.43 (including)
Inkscape	Inkscape	0.44 (including)	0.44 (including)
Inkscape	Inkscape	0.44.1 (including)	0.44.1 (including)
Inkscape	Inkscape	0.45.1 (including)	0.45.1 (including)
Inkscape	Inkscape	0.46 (including)	0.46 (including)
Inkscape	Inkscape	0.47 (including)	0.47 (including)
Inkscape	Inkscape	0.47-pre0 (including)	0.47-pre0 (including)
Inkscape	Inkscape	0.47-pre1 (including)	0.47-pre1 (including)
Inkscape	Inkscape	0.47-pre2 (including)	0.47-pre2 (including)
Inkscape	Inkscape	0.47-pre3 (including)	0.47-pre3 (including)
Inkscape	Inkscape	0.47-pre4 (including)	0.47-pre4 (including)
Inkscape	Inkscape	0.48 (including)	0.48 (including)
Inkscape	Inkscape	0.48-pre0 (including)	0.48-pre0 (including)
Inkscape	Inkscape	0.48-pre1 (including)	0.48-pre1 (including)
Inkscape	Inkscape	0.48.1 (including)	0.48.1 (including)
Inkscape	Inkscape	0.48.2 (including)	0.48.2 (including)
Inkscape	Inkscape	0.48.3 (including)	0.48.3 (including)
Inkscape	Ubuntu	hardy	*
Inkscape	Ubuntu	oneiric	*
Inkscape	Ubuntu	precise	*
Inkscape	Ubuntu	quantal	*
Inkscape	Ubuntu	upstream	*

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-6076
CWE	https://cwe.mitre.org/data/definitions/264.html

Affected Software

References