Unrated severityNVD Advisory· Published Nov 22, 2005· Updated Apr 16, 2026

CVE-2005-3737

Description

Buffer overflow in the SVG importer (style.cpp) of inkscape 0.41 through 0.42.2 might allow remote attackers to execute arbitrary code via a SVG file with long CSS style property values.

Affected products

Inkscape/Inkscape4 versions
cpe:2.3:a:inkscape:inkscape:0.41:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:inkscape:inkscape:0.41:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.42:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.42.1:*:*:*:*:*:*:*
- cpe:2.3:a:inkscape:inkscape:0.42.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/17662nvdPatchVendor Advisory
www.securityfocus.com/bid/15507nvdExploitPatch
secunia.com/advisories/17651nvdVendor Advisory
bugs.debian.org/cgi-bin/bugreport.cginvd
cvs.sourceforge.net/viewcvs.py/inkscape/inkscape/src/style.cppnvd
secunia.com/advisories/17778nvd
secunia.com/advisories/17882nvd
securityreason.com/securityalert/58nvd
www.debian.org/security/2005/dsa-916nvd
www.gentoo.org/security/en/glsa/glsa-200511-22.xmlnvd
www.novell.com/linux/security/advisories/2005_28_sr.htmlnvd
www.ubuntulinux.org/usn/usn-217-1nvd
www.vupen.com/english/advisories/2005/2511nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.022
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000