SecurityTracker.com
SecurityTracker Archives

Category:   Application (Generic)  >   Sketch
Vendors:   Herzog, Bernhard
Sketch Vector Drawing Program May Execute Arbitrary System Commands When Previewing a Malicious Sketch File
SecurityTracker Alert ID:  1003818
SecurityTracker URL:  http://securitytracker.com/id/1003818
CVE Reference:   CVE-2002-2047
Updated:  May 22 2008
Original Entry Date:  Mar 13 2002
Impact:   Execution of arbitrary code via local system, Execution of arbitrary code via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 0.6.13
Description:   A vulnerability was reported in the Sketch vector drawing program. A user may be able to cause another user to execute arbitrary commands when opening a Sketch file.

A security vulnerability was reported in Sketch related to rendering of encapsulated postscript (EPS) file previews.

It is reported that Sketch uses ghostscript to render previews of EPS files embedded in Sketch files and passes the filename of the EPS file to ghostscript via the shell without quoting it. A user could potentially create a valid EPS file whose filename contains shell commands, causing Sketch to execute those commands when trying to render a preview. Note that the file must actually exist, or it will not be rendered and the vulnerability cannot be triggered.
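As an added illustration (this is not Sketch's code, and the ghostscript options below are placeholders rather than the program's real invocation), the following Python contrasts the unquoted interpolation described above with the quoted and shell-free forms, using shlex to show how a POSIX shell would split each command line into words:

```python
"""Constructed illustration of an unquoted filename handed to the shell,
beside the two standard remedies. Not Sketch's code."""
import shlex
from typing import List

# Placeholder ghostscript command prefix (assumption, not Sketch's real flags).
GS_PREFIX = "gs -q -dNOPAUSE -dBATCH -sDEVICE=ppmraw -r72 -sOutputFile=-"


def unsafe_command(eps_path: str) -> str:
    """Vulnerable pattern: the EPS filename is interpolated into a string
    that will be handed to /bin/sh, with no quoting at all."""
    return GS_PREFIX + " " + eps_path


def quoted_command(eps_path: str) -> str:
    """Remedy when a shell string is unavoidable: quote the filename so the
    shell treats it as one word, whatever characters it contains."""
    return GS_PREFIX + " " + shlex.quote(eps_path)


def safe_argv(eps_path: str) -> List[str]:
    """Preferred remedy: build an argv list for subprocess (no shell at all);
    the filename is exactly one argument regardless of its contents."""
    return shlex.split(GS_PREFIX) + [eps_path]


def shell_words(command: str) -> List[str]:
    """Approximate how a POSIX shell splits a command line into words,
    returning the control operators ; | & ( ) < > as separate tokens."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def filename_passed_intact(command: str, eps_path: str) -> bool:
    """True when the shell would see the prefix words followed by exactly
    one word equal to the filename; False when the name has been split
    into several words or has introduced a control operator."""
    return shell_words(command) == shlex.split(GS_PREFIX) + [eps_path]


if __name__ == "__main__":
    # Constructed filename containing a harmless shell command separator.
    tricky = "preview.eps; echo injected"
    print(shell_words(unsafe_command(tricky)))  # 'echo injected' is a 2nd command
    print(filename_passed_intact(unsafe_command(tricky), tricky))  # False
    print(filename_passed_intact(quoted_command(tricky), tricky))  # True
    print(safe_argv(tricky)[-1] == tricky)                         # True
```

A filename with an ordinary space (for example `my logo.eps`) also fails the intact check in the unquoted form, which is why the argv-list approach is preferable even where no hostile input is expected.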

Impact:   A user may be able to cause another user to execute arbitrary code when opening a sketch file.
Solution:   The vendor has released a fixed version (0.6.13), available at:

http://sketch.sourceforge.net/download.html

A patch is also available at:

http://sketch.sourceforge.net/Patches/0.6.12/eps-filenames.diff

Vendor URL:  sketch.sourceforge.net/
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


Source Message Contents

Subject:  Sketch 0.6.13


  Sketch 0.6.13 (Stable)
  by Bernhard Herzog (http://freshmeat.net/users/bherzog/)
  Sunday, March 3rd 2002 16:36

Multimedia :: Graphics
Multimedia :: Graphics :: Editors :: Vector-Based

About: Sketch is a vector drawing program similar to CorelDraw or Adobe
Illustrator. It is written almost completely in Python with some modules
written in C, combining the flexibility and power of Python with the
speed of C. Advanced features include gradient fills, clip masks, text
along a path, blend groups, convert text to curves, and more.

Changes: The most important change in this release is a fix for a
security hole related to rendering of EPS file previews.  Other than
that, this release contains some new plugins, most notably a plugin for
multiline text, and quite a few other enhancements and bugfixes.

License: GNU Lesser General Public License (LGPL)

URL: http://freshmeat.net/projects/sketch/



Copyright 2019, SecurityGlobal.net LLC