6.8 - USN-1206-1

Executive Summary

Summary
Title	librsvg vulnerability

Informations
Name	USN-1206-1	First vendor Publication	2011-09-13
Vendor	Ubuntu	Last vendor Modification	2011-09-13
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score	6.8	Attack Range	Network
Cvss Impact Score	6.4	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS

Summary:

SVG image rendering library has had flaws fixed.

Software Description: - librsvg: Rendering library for SVG files

Details:

Sauli Pahlman discovered that librsvg did not correctly handle malformed filter names. If a user or automated system were tricked into processing a specially crafted SVG image, a remote attacker could gain user privileges.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.04:
librsvg2-2 2.32.1-0ubuntu3.1
librsvg2-bin 2.32.1-0ubuntu3.1
librsvg2-common 2.32.1-0ubuntu3.1
librsvg2-dev 2.32.1-0ubuntu3.1

Ubuntu 10.10:
librsvg2-2 2.32.0-0ubuntu1.1
librsvg2-bin 2.32.0-0ubuntu1.1
librsvg2-common 2.32.0-0ubuntu1.1
librsvg2-dev 2.32.0-0ubuntu1.1

Ubuntu 10.04 LTS:
librsvg2-2 2.26.3-0ubuntu1.1
librsvg2-bin 2.26.3-0ubuntu1.1
librsvg2-common 2.26.3-0ubuntu1.1
librsvg2-dev 2.26.3-0ubuntu1.1

After a standard system update you need to restart your session to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1206-1
CVE-2011-3146

Package Information:
https://launchpad.net/ubuntu/+source/librsvg/2.32.1-0ubuntu3.1
https://launchpad.net/ubuntu/+source/librsvg/2.32.0-0ubuntu1.1
https://launchpad.net/ubuntu/+source/librsvg/2.26.3-0ubuntu1.1

Original Source

Url : http://www.ubuntu.com/usn/USN-1206-1

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15370

Oval ID:	oval:org.mitre.oval:def:15370
Title:	USN-1206-1 -- librsvg vulnerability
Description:	librsvg: Rendering library for SVG files SVG image rendering library has had flaws fixed.
Family:	unix	Class:	patch
Reference(s):	USN-1206-1 CVE-2011-3146	Version:	5
Platform(s):	Ubuntu 11.04 Ubuntu 10.04 Ubuntu 10.10	Product(s):	librsvg
Definition Synopsis:
Release section Ubuntu 11.04 is installed AND Installed architecture is all AND Packages section librsvg2-bin DPKG is earlier than 2.32.1-0ubuntu3.1 AND librsvg2-2 DPKG is earlier than 2.32.1-0ubuntu3.1 AND librsvg2-common DPKG is earlier than 2.32.1-0ubuntu3.1 AND librsvg2-dev DPKG is earlier than 2.32.1-0ubuntu3.1 OR Release section Ubuntu 10.04 is installed AND Installed architecture is all AND Packages section librsvg2-bin DPKG is earlier than 2.26.3-0ubuntu1.1 AND librsvg2-2 DPKG is earlier than 2.26.3-0ubuntu1.1 AND librsvg2-common DPKG is earlier than 2.26.3-0ubuntu1.1 AND librsvg2-dev DPKG is earlier than 2.26.3-0ubuntu1.1 OR Release section Ubuntu 10.10 is installed AND Installed architecture is all AND Packages section librsvg2-bin DPKG is earlier than 2.32.0-0ubuntu1.1 AND librsvg2-2 DPKG is earlier than 2.32.0-0ubuntu1.1 AND librsvg2-common DPKG is earlier than 2.32.0-0ubuntu1.1 AND librsvg2-dev DPKG is earlier than 2.32.0-0ubuntu1.1

Definition Id: oval:org.mitre.oval:def:21686

Oval ID:	oval:org.mitre.oval:def:21686
Title:	RHSA-2011:1289: librsvg2 security update (Moderate)
Description:	librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
Family:	unix	Class:	patch
Reference(s):	RHSA-2011:1289-01 CVE-2011-3146	Version:	4
Platform(s):	Red Hat Enterprise Linux 6	Product(s):	librsvg2
Definition Synopsis:
The operating system installed on the system is Red Hat Enterprise Linux 6 Packages section librsvg2-devel is earlier than 0:2.26.0-5.el6_1.1 AND librsvg2 is earlier than 0:2.26.0-5.el6_1.1

Definition Id: oval:org.mitre.oval:def:23623

Oval ID:	oval:org.mitre.oval:def:23623
Title:	ELSA-2011:1289: librsvg2 security update (Moderate)
Description:	librsvg before 2.34.1 uses the node name to identify the type of node, which allows context-dependent attackers to cause a denial of service (NULL pointer dereference) and possibly execute arbitrary code via a SVG file with a node with the element name starting with "fe," which is misidentified as a RsvgFilterPrimitive.
Family:	unix	Class:	patch
Reference(s):	ELSA-2011:1289-01 CVE-2011-3146	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	librsvg2
Definition Synopsis:
Oracle Linux 6.x rpm test librsvg2-devel is earlier than 0:2.26.0-5.el6_1.1 AND librsvg2 is earlier than 0:2.26.0-5.el6_1.1

Definition Id: oval:org.mitre.oval:def:27599

Oval ID:	oval:org.mitre.oval:def:27599
Title:	DEPRECATED: ELSA-2011-1289 -- librsvg2 security update (moderate)
Description:	[2.26.0-5.el6_1.1] - Store node type separately in RsvgNode (CVE-2011-3146) Resolves: #735266
Family:	unix	Class:	patch
Reference(s):	ELSA-2011-1289 CVE-2011-3146	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	librsvg2
Definition Synopsis:
Oracle Linux 6.x Packages match section librsvg2 is earlier than 0:2.26.0-5.el6_1.1 AND librsvg2-devel is earlier than 0:2.26.0-5.el6_1.1

CPE : Common Platform Enumeration

Type	Description	Count
Application	Gnome Librsvg cpe:2.3:a:gnome:librsvg:2.34.0:::::::* cpe:2.3:a:gnome:librsvg:2.32.1:::::::* cpe:2.3:a:gnome:librsvg:2.32.0:::::::* cpe:2.3:a:gnome:librsvg:2.31.0:::::::* cpe:2.3:a:gnome:librsvg:2.3.1:::::::* cpe:2.3:a:gnome:librsvg:2.3.0:::::::* cpe:2.3:a:gnome:librsvg:2.26.3:::::::* cpe:2.3:a:gnome:librsvg:2.26.2:::::::* cpe:2.3:a:gnome:librsvg:2.26.1:::::::* cpe:2.3:a:gnome:librsvg:2.26.0:::::::* cpe:2.3:a:gnome:librsvg:2.22.3:::::::* cpe:2.3:a:gnome:librsvg:2.22.2:::::::* cpe:2.3:a:gnome:librsvg:2.22.1:::::::* cpe:2.3:a:gnome:librsvg:2.22.0:::::::* cpe:2.3:a:gnome:librsvg:2.20.0:::::::* cpe:2.3:a:gnome:librsvg:2.2.5:::::::* cpe:2.3:a:gnome:librsvg:2.2.4:::::::* cpe:2.3:a:gnome:librsvg:2.2.3:::::::* cpe:2.3:a:gnome:librsvg:2.2.2:::::::* cpe:2.3:a:gnome:librsvg:2.2.1:::::::* cpe:2.3:a:gnome:librsvg:2.2.0:::::::* cpe:2.3:a:gnome:librsvg:2.18.2:::::::* cpe:2.3:a:gnome:librsvg:2.18.1:::::::* cpe:2.3:a:gnome:librsvg:2.18.0:::::::* cpe:2.3:a:gnome:librsvg:2.16.1:::::::* cpe:2.3:a:gnome:librsvg:2.16.0:::::::* cpe:2.3:a:gnome:librsvg:2.15.90:::::::* cpe:2.3:a:gnome:librsvg:2.15.0:::::::* cpe:2.3:a:gnome:librsvg:2.14.4:::::::* cpe:2.3:a:gnome:librsvg:2.14.3:::::::* cpe:2.3:a:gnome:librsvg:2.14.2:::::::* cpe:2.3:a:gnome:librsvg:2.14.1:::::::* cpe:2.3:a:gnome:librsvg:2.14.0:::::::* cpe:2.3:a:gnome:librsvg:2.13.93:::::::* cpe:2.3:a:gnome:librsvg:2.13.92:::::::* cpe:2.3:a:gnome:librsvg:2.13.91:::::::* cpe:2.3:a:gnome:librsvg:2.13.90:::::::* cpe:2.3:a:gnome:librsvg:2.13.5:::::::* cpe:2.3:a:gnome:librsvg:2.13.4:::::::* cpe:2.3:a:gnome:librsvg:2.13.3:::::::* cpe:2.3:a:gnome:librsvg:2.13.2:::::::* cpe:2.3:a:gnome:librsvg:2.13.1:::::::* cpe:2.3:a:gnome:librsvg:2.13.0:::::::* cpe:2.3:a:gnome:librsvg:2.12.7:::::::* cpe:2.3:a:gnome:librsvg:2.12.6:::::::* cpe:2.3:a:gnome:librsvg:2.12.5:::::::* cpe:2.3:a:gnome:librsvg:2.12.4:::::::* cpe:2.3:a:gnome:librsvg:2.12.3:::::::* cpe:2.3:a:gnome:librsvg:2.12.2:::::::* cpe:2.3:a:gnome:librsvg:2.12.1:::::::* cpe:2.3:a:gnome:librsvg:2.12.0:::::::* cpe:2.3:a:gnome:librsvg:2.11.1:::::::* cpe:2.3:a:gnome:librsvg:2.11.0:::::::* cpe:2.3:a:gnome:librsvg:2.1.5:::::::* cpe:2.3:a:gnome:librsvg:2.1.4:::::::* cpe:2.3:a:gnome:librsvg:2.1.3:::::::* cpe:2.3:a:gnome:librsvg:2.1.2:::::::* cpe:2.3:a:gnome:librsvg:2.1.1:::::::* cpe:2.3:a:gnome:librsvg:2.1.0:::::::* cpe:2.3:a:gnome:librsvg:2.0.1:::::::* cpe:2.3:a:gnome:librsvg:2.0.0:::::::* cpe:2.3:a:gnome:librsvg:1.1.6:::::::* cpe:2.3:a:gnome:librsvg:1.1.5:::::::* cpe:2.3:a:gnome:librsvg:1.1.4:::::::* cpe:2.3:a:gnome:librsvg:1.1.3:::::::* cpe:2.3:a:gnome:librsvg:1.1.2:::::::* cpe:2.3:a:gnome:librsvg:1.1.1:::::::* cpe:2.3:a:gnome:librsvg:1.0.3:::::::* cpe:2.3:a:gnome:librsvg:1.0.2:::::::* cpe:2.3:a:gnome:librsvg:1.0.1:::::::* cpe:2.3:a:gnome:librsvg:1.0.0:::::::* cpe:2.3:a:gnome:librsvg::::::::	72

OpenVAS Exploits

Date	Description
2012-07-09	Name : RedHat Update for librsvg2 RHSA-2011:1289-01 File : nvt/gb_RHSA-2011_1289-01_librsvg2.nasl
2012-04-02	Name : Fedora Update for librsvg2 FEDORA-2011-12312 File : nvt/gb_fedora_2011_12312_librsvg2_fc16.nasl
2011-09-23	Name : Fedora Update for librsvg2 FEDORA-2011-12301 File : nvt/gb_fedora_2011_12301_librsvg2_fc14.nasl
2011-09-16	Name : Ubuntu Update for librsvg USN-1206-1 File : nvt/gb_ubuntu_USN_1206_1.nasl
2011-09-12	Name : Fedora Update for librsvg2 FEDORA-2011-12271 File : nvt/gb_fedora_2011_12271_librsvg2_fc15.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
75270	librsvg Node Type SVG Image Handling Remote DoS

Nessus® Vulnerability Scanner

Date	Description
2015-01-19	Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_librsvg_20120626.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_3_gdk-pixbuf-loader-rsvg-110916.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : suse_11_4_gdk-pixbuf-loader-rsvg-110920.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2011-1289.nasl - Type : ACT_GATHER_INFO
2012-08-01	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20110913_librsvg2_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2011-12-13	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_librsvg-110920.nasl - Type : ACT_GATHER_INFO
2011-09-20	Name : The remote Fedora host is missing a security update. File : fedora_2011-12301.nasl - Type : ACT_GATHER_INFO
2011-09-14	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2011-1289.nasl - Type : ACT_GATHER_INFO
2011-09-14	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1206-1.nasl - Type : ACT_GATHER_INFO
2011-09-12	Name : The remote Fedora host is missing a security update. File : fedora_2011-12271.nasl - Type : ACT_GATHER_INFO
2011-09-12	Name : The remote Fedora host is missing a security update. File : fedora_2011-12312.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:58:58	Multiple Updates

Global Informations

Type	Count
Oval ID(s)	4
CPE ID(s)	72
osvdb(s)	1
Openvas Exploit(s)	5
Nessus® Exploit(s)	11

	Related
6.8	CVE-2011-3146
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 1 more Alert(s)

6.8 - USN-1206-1

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU