Lucene search
K

8517 matches found

Gentoo Linux
Gentoo Linux
added 2006/06/07 12:0 a.m.45 views

Dia: Format string vulnerabilities

Background Dia is a GTK+ based diagram creation program. Description KaDaL-X discovered a format string error within the handling of filenames. Hans de Goede also discovered several other format string errors in the processing of dia files. Impact By enticing a user to open a specially crafted...

7.5CVSS7.4AI score0.07628EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2006/06/05 12:0 a.m.25 views

RHEL 4 : dia (RHSA-2006:0541)

Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...

7.5CVSS6.1AI score0.07628EPSS
Exploits1References5
Cent OS
Cent OS
added 2006/06/01 6:40 p.m.56 views

dia security update

CentOS Errata and Security Advisory CESA-2006:0541 Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of...

7.5CVSS6.3AI score0.07628EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2006/06/01 5:19 p.m.6 views

security flaw

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

7.5CVSS5.8AI score0.02241EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2006/06/01 5:19 p.m.25 views

Moderate: Red Hat Security Advisory: dia security update

Updated Dia packages that fix several buffer overflow bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Dia drawing program is designed to draw various types of diagrams. Several format string flaws were found in the w...

7.5CVSS6.3AI score0.07628EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2006/05/31 12:0 a.m.17 views

Mandrake Linux Security Advisory : dia (MDKSA-2006:093)

A format string vulnerability in Dia allows user-complicit attackers to cause a denial of service crash and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a...

7.5CVSS5.5AI score0.07628EPSS
Exploits1References2
Prion
Prion
added 2006/05/28 10:6 a.m.10 views

Format string

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

7.5CVSS6.9AI score0.07628EPSS
Exploits1References16
NVD
NVD
added 2006/05/28 10:6 a.m.11 views

CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

7.5CVSS6.8AI score0.02241EPSS
Exploits0References16
OSV
OSV
added 2006/05/28 10:6 a.m.12 views

CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

6.9AI score
Exploits0References17
OSV
OSV
added 2006/05/28 10:6 a.m.2 views

DEBIAN-CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

7.5CVSS7AI score0.02241EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2006/05/28 10:6 a.m.24 views

CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

7.5CVSS5.9AI score0.02241EPSS
Exploits0References2
CVE
CVE
added 2006/05/28 10:0 a.m.81 views

CVE-2006-2453

CVE-2006-2453 / CVE-2006-2480 (Dia): The vulnerability is in Dia’s format string handling. Multiple connected advisories (OpenSUSE, Red Hat/CentOS, Gentoo GLSA) state that crafted Dia files could allow arbitrary code execution under the user running Dia. Affected: Dia (the diagram drawing app) wi...

7.5CVSS6.8AI score0.02241EPSS
Exploits0References16Affected Software1
Cvelist
Cvelist
added 2006/05/28 10:0 a.m.15 views

CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

6.8AI score0.02241EPSS
Exploits0References16
Debian CVE
Debian CVE
added 2006/05/28 10:0 a.m.18 views

CVE-2006-2453

Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480...

7.5CVSS6.8AI score0.02241EPSS
Exploits0
Ubuntu
Ubuntu
added 2006/05/24 4:31 p.m.39 views

USN-286-1: Dia vulnerabilities

Several format string vulnerabilities have been discovered in dia. By tricking a user into opening a specially crafted dia file, or a file with a specially crafted name, this could be exploited to execute arbitrary code with the user's privileges...

7.5CVSS5.5AI score0.07628EPSS
Exploits1
exploitpack
exploitpack
added 2006/05/23 12:0 a.m.7 views

Dia 0.8x0.9x - Filename Remote Format String

Dia 0.8x0.9x - Filename Remote Format String source: https://www.securityfocus.com/bid/18078/info Dia is prone to a remote format-string vulnerability. This issue arises when the application handles specially crafted filenames. An attacker can exploit this vulnerability by crafting a malicious...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2006/05/23 12:0 a.m.33 views

Dia 0.8x/0.9x - Filename Remote Format String

source: https://www.securityfocus.com/bid/18078/info Dia is prone to a remote format-string vulnerability. This issue arises when the application handles specially crafted filenames. An attacker can exploit this vulnerability by crafting a malicious filename that contains format specifiers and th...

7.4AI score
Exploits0
UbuntuCve
UbuntuCve
added 2006/05/22 11:10 p.m.24 views

CVE-2006-1520

Format string vulnerability in ANSI C Sender Policy Framework library libspf before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...

6.4CVSS6.3AI score0.02547EPSS
Exploits0References1
Prion
Prion
added 2006/05/22 11:10 p.m.13 views

Format string

Format string vulnerability in ANSI C Sender Policy Framework library libspf before 1.0.0-p5, when debugging is enabled, allows remote attackers to execute arbitrary code via format string specifiers, possibly in an e-mail address...

6.4CVSS8AI score0.02547EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2006/05/22 11:10 p.m.13 views

Format string

Multiple format string vulnerabilities in a OpenBOR 2.0046 and earlier, b Beats of Rage BOR 1.0029 and earlier, and c Horizontal Shooter BOR HOR 2.0000 and earlier allow remote attackers to execute code via format string specifiers in configurations used in various mod files, as demonstrated by t...

7.5CVSS7.9AI score0.04797EPSS
Exploits1References10Affected Software3
Rows per page
Query Builder