Computer Security
[EN] securityvulns.ru no-pyccku


librsvg code execution
Published:20.09.2011
Source:
SecurityVulns ID:11913
Type:library
Threat Level:
5/10
Description:Code excution on SVG files parsing
Affected:LIBRSVG : librsvg 2.32
CVE:CVE-2011-3146 (librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.)
Original documentdocumentUBUNTU, [USN-1206-1] librsvg vulnerability (20.09.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod