Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:gnome:librsvg:2.40.21:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-1000041 |
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows. Published: February 09, 2018; 6:29:01 PM -0500 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 4.3 MEDIUM |