7.6 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.013 Low
EPSS
Percentile
85.8%
Three buffer overflows were discovered in the Xfig file format
importer. By tricking a user into opening a specially crafted .fig
file with dia, an attacker could exploit this to execute arbitrary
code with the user’s privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 5.10 | noarch | dia-gnome | < * | UNKNOWN |
Ubuntu | 5.10 | noarch | dia | < * | UNKNOWN |
Ubuntu | 5.10 | noarch | dia-libs | < * | UNKNOWN |
Ubuntu | 5.04 | noarch | dia-gnome | < * | UNKNOWN |
Ubuntu | 5.04 | noarch | dia | < * | UNKNOWN |
Ubuntu | 5.04 | noarch | dia-libs | < * | UNKNOWN |
Ubuntu | 4.10 | noarch | dia-gnome | < * | UNKNOWN |
Ubuntu | 4.10 | noarch | dia | < * | UNKNOWN |
Ubuntu | 4.10 | noarch | dia-libs | < * | UNKNOWN |