[Inkscape-devel] possible bug

17 Aug 2005

      In reading through my technorati filter for Inkscape, I found this
insecurity announcement. Should this be filed?
34. Inkscape Insecure Temporary File Creation Vulnerability
BugTraq ID: 14522
Remote: No
Date Published: 2005-08-09
Relevant URL: http://www.securityfocus.com/bid/14522
Summary:
Inkscape creates temporary files in the '/tmp' directory in an insecure
manner. An attacker with local access may overwrite or create files
using symbolic link attacks.
This type of attack can result in denial of service or loss of data
within the context of the affected application. Other attacks may be
possible.
Search for Inkscape:
http://aquades.blogspot.com/2005/08/securityfocus-newsletter-311.html
Jon
-- 
Jon Phillips

San Francisco, CA
Mission District
USA PH 510.499.0894
jon@...235...
http://www.rejon.org

MSN, AIM, Yahoo Chat: kidproto
Jabber Chat: rejon@...896...
IRC: rejon@...897...

Inkscape (http://inkscape.org)
Open Clip Art Library (www.openclipart.org)