7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.013 Low
EPSS
Percentile
85.8%
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | dia | < 0.94.0-18 | dia_0.94.0-18_all.deb |
Debian | 11 | all | dia | < 0.94.0-18 | dia_0.94.0-18_all.deb |
Debian | 999 | all | dia | < 0.94.0-18 | dia_0.94.0-18_all.deb |
Debian | 13 | all | dia | < 0.94.0-18 | dia_0.94.0-18_all.deb |