Comment 5 for bug 22882

Message-Id: <email address hidden>
Date: Fri, 30 Sep 2005 20:30:20 +0200
From: Joxean Koret <email address hidden>
To: Wolfram Quester <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#330894: inkscape: Arbitrary code execution when opening a
 malicious file

--=-2CR4F/nQcRgqX4lb7c22
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

> Hi Joxean!
> [...snip...]
>=20
> Thanks for your report. I forwarded it to the developer's mailing list.
> On my PowerBook inkscape simply crashed when opening your file, I don't
> know what it should do on a i386 box. I tried to open it in vim, but
> there it causes troubles too, at least for the syntax highlighter.=20
>=20

This is only a P.O.C. I have no working exploit at the moment for the
issue.

> I also tried it with sodipodi, but could not see an effect. It seems to
> open cleanly.
>=20
> With best wishes,
>=20
> Wolfi

Regards,
Joxean Koret

--=-2CR4F/nQcRgqX4lb7c22
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada
 digitalmente

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBDPYQ8U6rFMEYDrlERAhoEAJ4vSzidp1JdMLo/Ums7Axz1Ya10zgCggBEk
UeerxnuShj6aJ+Z434z0aBI=
=mtF9
-----END PGP SIGNATURE-----

--=-2CR4F/nQcRgqX4lb7c22--