CVE-2005-3737

Inkscape 0.41-0.42.2 - Buffer Overflow in SVG Importer Style Property Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3737. PoCs published by Joxean Koret.

AI-analyzed exploit summary The provided text describes a buffer overflow vulnerability in Inkscape (CVE-2005-3737) triggered by processing a malformed SVG file. It references an external source for the exploit but does not include actual exploit code.

Description

Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Joxean Koret · textremotelinux

https://www.exploit-db.com/exploits/26540

View Code ZIP pw:eip

The provided text describes a buffer overflow vulnerability in Inkscape (CVE-2005-3737) triggered by processing a malformed SVG file. It references an external source for the exploit but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Theoretical

Target: Inkscape (version not specified)

No auth needed

Prerequisites: Victim must open a malformed SVG file

MITRE ATT&CK

T1211 - Exploitation for Defense Evasion

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (13)

Core 13

Core References

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200511-22.xml

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2005_28_sr.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17778

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17651

Various Sources vendor-advisory x_refsource_ubuntu

http://www.ubuntulinux.org/usn/usn-217-1

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/15507

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17882

Product x_refsource_confirm

http://cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cpp?r1=1.110&r2=1.110.2.1

Third Party Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2005/2511

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2005/dsa-916

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/58

Issue Tracking x_refsource_misc

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=330894

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/17662

Scores

EPSS 0.1342

EPSS Percentile 95.9%

Details

Status published

Products (4)

inkscape/inkscape 0.41

inkscape/inkscape 0.42

inkscape/inkscape 0.42.1

inkscape/inkscape 0.42.2

Published Nov 22, 2005

Tracked Since Feb 18, 2026