Dia: Format string vulnerabilities
Background: Dia is a GTK+ based diagram creation program. Description: KaDaL-X discovered a format string error within the handling of filenames. Hans de Goede also discovered several other format string errors in the processing of dia files. Impact: By enticing a user to open a specially crafted...
RHEL 4 : dia (RHSA-2006:0541)
Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...
dia security update
CentOS Errata and Security Advisory CESA-2006:0541 Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of...
security flaw
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
Moderate: Red Hat Security Advisory: dia security update
Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...
Mandrake Linux Security Advisory : dia (MDKSA-2006:093)
A format string vulnerability in Dia allows user-complicit attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...
Format string
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
CVE-2006-2453
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
DEBIAN-CVE-2006-2453
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...
CVE-2006-2453
CVE-2006-2453 / CVE-2006-2480 (Dia): The vulnerability is in Dia’s format string handling. Multiple connected advisories (OpenSUSE, Red Hat/CentOS, Gentoo GLSA) state that crafted Dia files could allow arbitrary code execution under the user running Dia. Affected: Dia (the diagram drawing app) wi...
USN-286-1: Dia vulnerabilities
Several format string vulnerabilities have been discovered in dia. By tricking a user into opening a specially crafted dia file, or a file with a specially crafted name, this could be exploited to execute arbitrary code with the user's privileges...
Dia 0.8x/0.9x - Filename Remote Format String
Dia 0.8x/0.9x - Filename Remote Format String. source: https://www.securityfocus.com/bid/18078/info Dia is prone to a remote format-string vulnerability. This issue arises when the application handles specially crafted filenames. An attacker can exploit this vulnerability by crafting a malicious...
Dia 0.8x/0.9x - Filename Remote Format String
source: https://www.securityfocus.com/bid/18078/info Dia is prone to a remote format-string vulnerability. This issue arises when the application handles specially crafted filenames. An attacker can exploit this vulnerability by crafting a malicious filename that contains format specifiers and th...
CVE-2006-1520
Format string vulnerability in ANSI C Sender Policy Framework library libspf before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...
Format string
Format string vulnerability in ANSI C Sender Policy Framework library libspf before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...
Format string
Multiple format string vulnerabilities in (a) OpenBOR 2.0046 and earlier, (b) Beats of Rage (BOR) 1.0029 and earlier, and (c) Horizontal Shooter BOR (HOR) 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by t...