15 matches found
SUSE CVE-2006-2453
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
Fedora Extras 5 : dia-0.95-3
This update fixes CVE-2006-1550, CVE-2006-2453, CVE-2006-2480 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Gentoo Security Advisory GLSA 200606-03 (dia)
The remote host is missing updates announced in advisory GLSA 200606-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200606-03 (dia)
The remote host is missing updates announced in advisory GLSA 200606-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 10 Security Update : dia (dia-1435)
Format string bugs in dia could potentially be exploited to execute arbitrary code CVE-2006-2453, CVE-2006-2480. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update dia-1435. The text description ...
CentOS 4 : dia (CESA-2006:0541)
Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...
RHEL 4 : dia (RHSA-2006:0541)
Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...
security flaw
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
Moderate: Red Hat Security Advisory: dia security update
Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...
Mandrake Linux Security Advisory : dia (MDKSA-2006:093)
A format string vulnerability in Dia allows user-complicit attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...
Format string
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
Ubuntu 5.04 / 5.10 : dia vulnerabilities (USN-286-1)
Several format string vulnerabilities have been discovered in dia. By tricking a user into opening a specially crafted dia file, or a file with a specially crafted name, this could be exploited to execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted...
CVE-2006-2480
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...
CVE-2006-2480
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...
CVE-2006-2480
Dia (0.94) is affected by a format-string vulnerability (CVE-2006-2480) that could allow a remote attacker to cause a crash or potentially execute code by crafted input (e.g., a crafted .dia/.bmp filename). Several connected advisories confirm this issue and reference CVE-2006-2453 as well, with ...