145 matches found
[SECURITY] Fedora 14 Update: glpi-data-injection-2.0.2-1.fc14
Plugin for importing data into GLPI It'll can serve, for example, to : - import machines at the delivery electronic delivery order in CSV - import additional data - import equipment not managed by OCS - transmit from an other tool of asset management...
FreeBSD : dia -- XFig Import Plugin Buffer Overflow (b5fc63ad-c4c3-11da-9699-00123ffe8333)
Secunia reports : Some vulnerabilities have been reported in Dia, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors within the XFig import plugin. This can be exploited to cause buffer overflows and may allo...
Ubuntu 5.04 : dia vulnerability (USN-193-1)
Joxean Koret discovered that the SVG import plugin did not properly sanitise data read from an SVG file. By tricking an user into opening a specially crafted SVG file, an attacker could exploit this to execute arbitrary code with the privileges of the user. Note that Tenable Network Security has...
Debian DSA-847-1 : dia - missing input sanitising
Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
CVE-2005-2966
The Python SVG import plugin diasvgimport.py for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file...