Javier Fern�ndez-Sanguino Pe�a discovered that Inkscape’s ps2epsi.sh script, which converts PostScript files to Encapsulated PostScript format, creates a temporary file in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the privileges of the user running Inkscape.
The problem can be corrected by updating your system to the following package versions:
5 December 2005
A security issue affects these releases of Ubuntu and its derivatives:
Javier Fern�ndez-Sanguino Pe�a discovered that Inkscape’s ps2epsi.sh script, which converts PostScript files to Encapsulated PostScript format, creates a temporary file in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the privileges of the user running Inkscape.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
Vulmon