Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    12 vulnerabilities by dia

    CVE-2008-5984 (GCVE-0-2008-5984)

    Vulnerability from nvd – Published: 2009-01-28 11:00 – Updated: 2024-08-07 11:13
    VLAI
    Summary
    Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.openwall.com/lists/oss-security/2009/01/26/2 mailing-listx_refsource_MLIST
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251 x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/33448 vdb-entryx_refsource_BID
    http://secunia.com/advisories/33672 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=481551 x_refsource_CONFIRM
    http://secunia.com/advisories/33703 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:13:13.702Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2009-1057",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html"
              },
              {
                "name": "[oss-security] 20090126 CVE request -- Python \u003c 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2009/01/26/2"
              },
              {
                "name": "MDVSA-2009:046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:046"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251"
              },
              {
                "name": "MDVSA-2009:040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:040"
              },
              {
                "name": "33448",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/33448"
              },
              {
                "name": "33672",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33672"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481551"
              },
              {
                "name": "33703",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33703"
              },
              {
                "name": "dia-pysyssetargv-privilege-escalation(48262)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48262"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2009-1057",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html"
            },
            {
              "name": "[oss-security] 20090126 CVE request -- Python \u003c 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2009/01/26/2"
            },
            {
              "name": "MDVSA-2009:046",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:046"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251"
            },
            {
              "name": "MDVSA-2009:040",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:040"
            },
            {
              "name": "33448",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/33448"
            },
            {
              "name": "33672",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33672"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481551"
            },
            {
              "name": "33703",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33703"
            },
            {
              "name": "dia-pysyssetargv-privilege-escalation(48262)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48262"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5984",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2009-1057",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html"
                },
                {
                  "name": "[oss-security] 20090126 CVE request -- Python \u003c 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2009/01/26/2"
                },
                {
                  "name": "MDVSA-2009:046",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:046"
                },
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251"
                },
                {
                  "name": "MDVSA-2009:040",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:040"
                },
                {
                  "name": "33448",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/33448"
                },
                {
                  "name": "33672",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33672"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=481551",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481551"
                },
                {
                  "name": "33703",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33703"
                },
                {
                  "name": "dia-pysyssetargv-privilege-escalation(48262)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48262"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5984",
        "datePublished": "2009-01-28T11:00:00.000Z",
        "dateReserved": "2009-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:13:13.702Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3408 (GCVE-0-2007-3408)

    Vulnerability from nvd – Published: 2007-06-26 18:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://sourceforge.net/forum/forum.php?forum_id=709959 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2328 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25810 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-06-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:13.470Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/forum/forum.php?forum_id=709959"
              },
              {
                "name": "ADV-2007-2328",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2328"
              },
              {
                "name": "25810",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25810"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/forum/forum.php?forum_id=709959"
            },
            {
              "name": "ADV-2007-2328",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2328"
            },
            {
              "name": "25810",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25810"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3408",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://sourceforge.net/forum/forum.php?forum_id=709959",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/forum/forum.php?forum_id=709959"
                },
                {
                  "name": "ADV-2007-2328",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2328"
                },
                {
                  "name": "25810",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25810"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3408",
        "datePublished": "2007-06-26T18:00:00.000Z",
        "dateReserved": "2007-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:13.470Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2453 (GCVE-0-2006-2453)

    Vulnerability from nvd – Published: 2006-05-28 10:00 – Updated: 2024-08-07 17:51
    VLAI
    Summary
    Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.redhat.com/archives/fedora-package-ann… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/bugzilla/show_bug.cgi… x_refsource_CONFIRM
    http://www.redhat.com/support/errata/RHSA-2006-05… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/20513 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20422 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/archives/fedora-security-li… x_refsource_CONFIRM
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://securitytracker.com/id?1016203 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/20254 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/18166 vdb-entryx_refsource_BID
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/20339 third-party-advisoryx_refsource_SECUNIA
    https://usn.ubuntu.com/286-1/ vendor-advisoryx_refsource_UBUNTU
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/20457 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:51:04.773Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2006-580",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00119.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830"
              },
              {
                "name": "RHSA-2006:0541",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
              },
              {
                "name": "20513",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20513"
              },
              {
                "name": "20422",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20422"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-security-list/2006-May/msg00099.html"
              },
              {
                "name": "SUSE-SR:2006:012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
              },
              {
                "name": "1016203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016203"
              },
              {
                "name": "20254",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20254"
              },
              {
                "name": "18166",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18166"
              },
              {
                "name": "MDKSA-2006:093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
              },
              {
                "name": "oval:org.mitre.oval:def:11600",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11600"
              },
              {
                "name": "20339",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20339"
              },
              {
                "name": "USN-286-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/286-1/"
              },
              {
                "name": "GLSA-200606-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
              },
              {
                "name": "20457",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20457"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "FEDORA-2006-580",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00119.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830"
            },
            {
              "name": "RHSA-2006:0541",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
            },
            {
              "name": "20513",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20513"
            },
            {
              "name": "20422",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20422"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.redhat.com/archives/fedora-security-list/2006-May/msg00099.html"
            },
            {
              "name": "SUSE-SR:2006:012",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
            },
            {
              "name": "1016203",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016203"
            },
            {
              "name": "20254",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20254"
            },
            {
              "name": "18166",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18166"
            },
            {
              "name": "MDKSA-2006:093",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
            },
            {
              "name": "oval:org.mitre.oval:def:11600",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11600"
            },
            {
              "name": "20339",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20339"
            },
            {
              "name": "USN-286-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/286-1/"
            },
            {
              "name": "GLSA-200606-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
            },
            {
              "name": "20457",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20457"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-2453",
        "datePublished": "2006-05-28T10:00:00.000Z",
        "dateReserved": "2006-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:51:04.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2480 (GCVE-0-2006-2480)

    Vulnerability from nvd – Published: 2006-05-19 21:00 – Updated: 2024-08-07 17:51
    VLAI
    Summary
    Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/18078 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2006-05… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/20513 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20422 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20199 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://securitytracker.com/id?1016203 vdb-entryx_refsource_SECTRACK
    http://kandangjamur.net/tutorial/dia.txt x_refsource_MISC
    http://secunia.com/advisories/20254 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/25699 vdb-entryx_refsource_OSVDB
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.vupen.com/english/advisories/2006/1908 vdb-entryx_refsource_VUPEN
    http://bugzilla.gnome.org/show_bug.cgi?id=342111 x_refsource_CONFIRM
    http://secunia.com/advisories/20339 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/82/433313/30… mailing-listx_refsource_VULN-DEV
    https://usn.ubuntu.com/286-1/ vendor-advisoryx_refsource_UBUNTU
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/20457 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-05-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:51:04.651Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "18078",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18078"
              },
              {
                "name": "RHSA-2006:0541",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
              },
              {
                "name": "20513",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20513"
              },
              {
                "name": "20422",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20422"
              },
              {
                "name": "20199",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20199"
              },
              {
                "name": "oval:org.mitre.oval:def:11224",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224"
              },
              {
                "name": "SUSE-SR:2006:012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
              },
              {
                "name": "1016203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016203"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kandangjamur.net/tutorial/dia.txt"
              },
              {
                "name": "20254",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20254"
              },
              {
                "name": "25699",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/25699"
              },
              {
                "name": "MDKSA-2006:093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
              },
              {
                "name": "ADV-2006-1908",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1908"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugzilla.gnome.org/show_bug.cgi?id=342111"
              },
              {
                "name": "20339",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20339"
              },
              {
                "name": "20060506 DIA file name handling format string",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULN-DEV",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/82/433313/30/0/threaded"
              },
              {
                "name": "USN-286-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/286-1/"
              },
              {
                "name": "GLSA-200606-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
              },
              {
                "name": "20457",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20457"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename.  NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "18078",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18078"
            },
            {
              "name": "RHSA-2006:0541",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
            },
            {
              "name": "20513",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20513"
            },
            {
              "name": "20422",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20422"
            },
            {
              "name": "20199",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20199"
            },
            {
              "name": "oval:org.mitre.oval:def:11224",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224"
            },
            {
              "name": "SUSE-SR:2006:012",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
            },
            {
              "name": "1016203",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016203"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kandangjamur.net/tutorial/dia.txt"
            },
            {
              "name": "20254",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20254"
            },
            {
              "name": "25699",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/25699"
            },
            {
              "name": "MDKSA-2006:093",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
            },
            {
              "name": "ADV-2006-1908",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1908"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugzilla.gnome.org/show_bug.cgi?id=342111"
            },
            {
              "name": "20339",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20339"
            },
            {
              "name": "20060506 DIA file name handling format string",
              "tags": [
                "mailing-list",
                "x_refsource_VULN-DEV"
              ],
              "url": "http://www.securityfocus.com/archive/82/433313/30/0/threaded"
            },
            {
              "name": "USN-286-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/286-1/"
            },
            {
              "name": "GLSA-200606-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
            },
            {
              "name": "20457",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20457"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2480",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename.  NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "18078",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18078"
                },
                {
                  "name": "RHSA-2006:0541",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
                },
                {
                  "name": "20513",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20513"
                },
                {
                  "name": "20422",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20422"
                },
                {
                  "name": "20199",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20199"
                },
                {
                  "name": "oval:org.mitre.oval:def:11224",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224"
                },
                {
                  "name": "SUSE-SR:2006:012",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
                },
                {
                  "name": "1016203",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016203"
                },
                {
                  "name": "http://kandangjamur.net/tutorial/dia.txt",
                  "refsource": "MISC",
                  "url": "http://kandangjamur.net/tutorial/dia.txt"
                },
                {
                  "name": "20254",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20254"
                },
                {
                  "name": "25699",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/25699"
                },
                {
                  "name": "MDKSA-2006:093",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
                },
                {
                  "name": "ADV-2006-1908",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1908"
                },
                {
                  "name": "http://bugzilla.gnome.org/show_bug.cgi?id=342111",
                  "refsource": "CONFIRM",
                  "url": "http://bugzilla.gnome.org/show_bug.cgi?id=342111"
                },
                {
                  "name": "20339",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20339"
                },
                {
                  "name": "20060506 DIA file name handling format string",
                  "refsource": "VULN-DEV",
                  "url": "http://www.securityfocus.com/archive/82/433313/30/0/threaded"
                },
                {
                  "name": "USN-286-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/286-1/"
                },
                {
                  "name": "GLSA-200606-03",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
                },
                {
                  "name": "20457",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20457"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2480",
        "datePublished": "2006-05-19T21:00:00.000Z",
        "dateReserved": "2006-05-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:51:04.651Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1550 (GCVE-0-2006-1550)

    Vulnerability from nvd – Published: 2006-03-30 23:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.redhat.com/support/errata/RHSA-2006-02… vendor-advisoryx_refsource_REDHAT
    http://mail.gnome.org/archives/dia-list/2006-Marc… mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/17310 vdb-entryx_refsource_BID
    http://www.debian.org/security/2006/dsa-1025 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/19505 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/19765 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/19469 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/429357/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/19507 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/19959 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015853 vdb-entryx_refsource_SECTRACK
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/19546 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/archives/fedora-announce-li… vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://usn.ubuntu.com/266-1/ vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/19897 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/19543 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-03-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:48.321Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MDKSA-2006:062",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:062"
              },
              {
                "name": "RHSA-2006:0280",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0280.html"
              },
              {
                "name": "[dia-list] 20060329 Vulnerability in xfig import code",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html"
              },
              {
                "name": "17310",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17310"
              },
              {
                "name": "DSA-1025",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1025"
              },
              {
                "name": "19505",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19505"
              },
              {
                "name": "19765",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19765"
              },
              {
                "name": "19469",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19469"
              },
              {
                "name": "20060329 Buffer overflows in Dia XFig import",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/429357/100/0/threaded"
              },
              {
                "name": "19507",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19507"
              },
              {
                "name": "19959",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19959"
              },
              {
                "name": "1015853",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015853"
              },
              {
                "name": "GLSA-200604-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-14.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:10361",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10361"
              },
              {
                "name": "19546",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19546"
              },
              {
                "name": "FEDORA-2006-261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00021.html"
              },
              {
                "name": "diaxfig-xfig-import-bo(25566)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25566"
              },
              {
                "name": "USN-266-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/266-1/"
              },
              {
                "name": "19897",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19897"
              },
              {
                "name": "SUSE-SR:2006:009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
              },
              {
                "name": "19543",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "MDKSA-2006:062",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:062"
            },
            {
              "name": "RHSA-2006:0280",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0280.html"
            },
            {
              "name": "[dia-list] 20060329 Vulnerability in xfig import code",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html"
            },
            {
              "name": "17310",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17310"
            },
            {
              "name": "DSA-1025",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1025"
            },
            {
              "name": "19505",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19505"
            },
            {
              "name": "19765",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19765"
            },
            {
              "name": "19469",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19469"
            },
            {
              "name": "20060329 Buffer overflows in Dia XFig import",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/429357/100/0/threaded"
            },
            {
              "name": "19507",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19507"
            },
            {
              "name": "19959",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19959"
            },
            {
              "name": "1015853",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015853"
            },
            {
              "name": "GLSA-200604-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-14.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10361",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10361"
            },
            {
              "name": "19546",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19546"
            },
            {
              "name": "FEDORA-2006-261",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00021.html"
            },
            {
              "name": "diaxfig-xfig-import-bo(25566)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25566"
            },
            {
              "name": "USN-266-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/266-1/"
            },
            {
              "name": "19897",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19897"
            },
            {
              "name": "SUSE-SR:2006:009",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
            },
            {
              "name": "19543",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19543"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-1550",
        "datePublished": "2006-03-30T23:00:00.000Z",
        "dateReserved": "2006-03-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:48.321Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2966 (GCVE-0-2005-2966)

    Vulnerability from nvd – Published: 2005-10-05 04:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/17059 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17047 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17095 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2005/dsa-847 vendor-advisoryx_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2005/1950 vdb-entryx_refsource_VUPEN
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://www.debian.org/security/2006/dsa-1025 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/bid/15000 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17083 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    https://usn.ubuntu.com/193-1/ vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/17108 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-10-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.715Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17059",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17059"
              },
              {
                "name": "17047",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17047"
              },
              {
                "name": "17095",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17095"
              },
              {
                "name": "DSA-847",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-847"
              },
              {
                "name": "ADV-2005-1950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/1950"
              },
              {
                "name": "GLSA-200510-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml"
              },
              {
                "name": "DSA-1025",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1025"
              },
              {
                "name": "15000",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15000"
              },
              {
                "name": "17083",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17083"
              },
              {
                "name": "MDKSA-2005:187",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:187"
              },
              {
                "name": "SUSE-SR:2005:022",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html"
              },
              {
                "name": "USN-193-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/193-1/"
              },
              {
                "name": "17108",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17108"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-10-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "17059",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17059"
            },
            {
              "name": "17047",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17047"
            },
            {
              "name": "17095",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17095"
            },
            {
              "name": "DSA-847",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-847"
            },
            {
              "name": "ADV-2005-1950",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/1950"
            },
            {
              "name": "GLSA-200510-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml"
            },
            {
              "name": "DSA-1025",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1025"
            },
            {
              "name": "15000",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15000"
            },
            {
              "name": "17083",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17083"
            },
            {
              "name": "MDKSA-2005:187",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:187"
            },
            {
              "name": "SUSE-SR:2005:022",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html"
            },
            {
              "name": "USN-193-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/193-1/"
            },
            {
              "name": "17108",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17108"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2005-2966",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17059",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17059"
                },
                {
                  "name": "17047",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17047"
                },
                {
                  "name": "17095",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17095"
                },
                {
                  "name": "DSA-847",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-847"
                },
                {
                  "name": "ADV-2005-1950",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/1950"
                },
                {
                  "name": "GLSA-200510-06",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml"
                },
                {
                  "name": "DSA-1025",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2006/dsa-1025"
                },
                {
                  "name": "15000",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15000"
                },
                {
                  "name": "17083",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17083"
                },
                {
                  "name": "MDKSA-2005:187",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:187"
                },
                {
                  "name": "SUSE-SR:2005:022",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html"
                },
                {
                  "name": "USN-193-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/193-1/"
                },
                {
                  "name": "17108",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17108"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2005-2966",
        "datePublished": "2005-10-05T04:00:00.000Z",
        "dateReserved": "2005-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5984 (GCVE-0-2008-5984)

    Vulnerability from cvelistv5 – Published: 2009-01-28 11:00 – Updated: 2024-08-07 11:13
    VLAI
    Summary
    Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://www.openwall.com/lists/oss-security/2009/01/26/2 mailing-listx_refsource_MLIST
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251 x_refsource_CONFIRM
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.securityfocus.com/bid/33448 vdb-entryx_refsource_BID
    http://secunia.com/advisories/33672 third-party-advisoryx_refsource_SECUNIA
    https://bugzilla.redhat.com/show_bug.cgi?id=481551 x_refsource_CONFIRM
    http://secunia.com/advisories/33703 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2008-11-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T11:13:13.702Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2009-1057",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html"
              },
              {
                "name": "[oss-security] 20090126 CVE request -- Python \u003c 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2009/01/26/2"
              },
              {
                "name": "MDVSA-2009:046",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:046"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251"
              },
              {
                "name": "MDVSA-2009:040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:040"
              },
              {
                "name": "33448",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/33448"
              },
              {
                "name": "33672",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33672"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481551"
              },
              {
                "name": "33703",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/33703"
              },
              {
                "name": "dia-pysyssetargv-privilege-escalation(48262)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48262"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "FEDORA-2009-1057",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html"
            },
            {
              "name": "[oss-security] 20090126 CVE request -- Python \u003c 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2009/01/26/2"
            },
            {
              "name": "MDVSA-2009:046",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:046"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251"
            },
            {
              "name": "MDVSA-2009:040",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:040"
            },
            {
              "name": "33448",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/33448"
            },
            {
              "name": "33672",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33672"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481551"
            },
            {
              "name": "33703",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/33703"
            },
            {
              "name": "dia-pysyssetargv-privilege-escalation(48262)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48262"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5984",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "FEDORA-2009-1057",
                  "refsource": "FEDORA",
                  "url": "https://www.redhat.com/archives/fedora-package-announce/2009-January/msg01065.html"
                },
                {
                  "name": "[oss-security] 20090126 CVE request -- Python \u003c 2.6 PySys_SetArgv issues (epiphany, csound, dia, eog, gedit, xchat, vim, nautilus-python, Gnumeric)",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2009/01/26/2"
                },
                {
                  "name": "MDVSA-2009:046",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:046"
                },
                {
                  "name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251",
                  "refsource": "CONFIRM",
                  "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504251"
                },
                {
                  "name": "MDVSA-2009:040",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:040"
                },
                {
                  "name": "33448",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/33448"
                },
                {
                  "name": "33672",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33672"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=481551",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=481551"
                },
                {
                  "name": "33703",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/33703"
                },
                {
                  "name": "dia-pysyssetargv-privilege-escalation(48262)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48262"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5984",
        "datePublished": "2009-01-28T11:00:00.000Z",
        "dateReserved": "2009-01-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T11:13:13.702Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3408 (GCVE-0-2007-3408)

    Vulnerability from cvelistv5 – Published: 2007-06-26 18:00 – Updated: 2024-08-07 14:14
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://sourceforge.net/forum/forum.php?forum_id=709959 x_refsource_CONFIRM
    http://www.vupen.com/english/advisories/2007/2328 vdb-entryx_refsource_VUPEN
    http://secunia.com/advisories/25810 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2007-06-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:14:13.470Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://sourceforge.net/forum/forum.php?forum_id=709959"
              },
              {
                "name": "ADV-2007-2328",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2328"
              },
              {
                "name": "25810",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25810"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-26T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://sourceforge.net/forum/forum.php?forum_id=709959"
            },
            {
              "name": "ADV-2007-2328",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2328"
            },
            {
              "name": "25810",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25810"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3408",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://sourceforge.net/forum/forum.php?forum_id=709959",
                  "refsource": "CONFIRM",
                  "url": "http://sourceforge.net/forum/forum.php?forum_id=709959"
                },
                {
                  "name": "ADV-2007-2328",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2328"
                },
                {
                  "name": "25810",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25810"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3408",
        "datePublished": "2007-06-26T18:00:00.000Z",
        "dateReserved": "2007-06-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:14:13.470Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2453 (GCVE-0-2006-2453)

    Vulnerability from cvelistv5 – Published: 2006-05-28 10:00 – Updated: 2024-08-07 17:51
    VLAI
    Summary
    Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.redhat.com/archives/fedora-package-ann… vendor-advisoryx_refsource_FEDORA
    https://bugzilla.redhat.com/bugzilla/show_bug.cgi… x_refsource_CONFIRM
    http://www.redhat.com/support/errata/RHSA-2006-05… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/20513 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20422 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/archives/fedora-security-li… x_refsource_CONFIRM
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://securitytracker.com/id?1016203 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/20254 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/18166 vdb-entryx_refsource_BID
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/20339 third-party-advisoryx_refsource_SECUNIA
    https://usn.ubuntu.com/286-1/ vendor-advisoryx_refsource_UBUNTU
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/20457 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-05-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:51:04.773Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "FEDORA-2006-580",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00119.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830"
              },
              {
                "name": "RHSA-2006:0541",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
              },
              {
                "name": "20513",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20513"
              },
              {
                "name": "20422",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20422"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-security-list/2006-May/msg00099.html"
              },
              {
                "name": "SUSE-SR:2006:012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
              },
              {
                "name": "1016203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016203"
              },
              {
                "name": "20254",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20254"
              },
              {
                "name": "18166",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18166"
              },
              {
                "name": "MDKSA-2006:093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
              },
              {
                "name": "oval:org.mitre.oval:def:11600",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11600"
              },
              {
                "name": "20339",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20339"
              },
              {
                "name": "USN-286-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/286-1/"
              },
              {
                "name": "GLSA-200606-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
              },
              {
                "name": "20457",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20457"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "FEDORA-2006-580",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-package-announce/2006-May/msg00119.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=192830"
            },
            {
              "name": "RHSA-2006:0541",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
            },
            {
              "name": "20513",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20513"
            },
            {
              "name": "20422",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20422"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.redhat.com/archives/fedora-security-list/2006-May/msg00099.html"
            },
            {
              "name": "SUSE-SR:2006:012",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
            },
            {
              "name": "1016203",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016203"
            },
            {
              "name": "20254",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20254"
            },
            {
              "name": "18166",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18166"
            },
            {
              "name": "MDKSA-2006:093",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
            },
            {
              "name": "oval:org.mitre.oval:def:11600",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11600"
            },
            {
              "name": "20339",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20339"
            },
            {
              "name": "USN-286-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/286-1/"
            },
            {
              "name": "GLSA-200606-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
            },
            {
              "name": "20457",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20457"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-2453",
        "datePublished": "2006-05-28T10:00:00.000Z",
        "dateReserved": "2006-05-18T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:51:04.773Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-2480 (GCVE-0-2006-2480)

    Vulnerability from cvelistv5 – Published: 2006-05-19 21:00 – Updated: 2024-08-07 17:51
    VLAI
    Summary
    Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/18078 vdb-entryx_refsource_BID
    http://www.redhat.com/support/errata/RHSA-2006-05… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/20513 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20422 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/20199 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://securitytracker.com/id?1016203 vdb-entryx_refsource_SECTRACK
    http://kandangjamur.net/tutorial/dia.txt x_refsource_MISC
    http://secunia.com/advisories/20254 third-party-advisoryx_refsource_SECUNIA
    http://www.osvdb.org/25699 vdb-entryx_refsource_OSVDB
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.vupen.com/english/advisories/2006/1908 vdb-entryx_refsource_VUPEN
    http://bugzilla.gnome.org/show_bug.cgi?id=342111 x_refsource_CONFIRM
    http://secunia.com/advisories/20339 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/82/433313/30… mailing-listx_refsource_VULN-DEV
    https://usn.ubuntu.com/286-1/ vendor-advisoryx_refsource_UBUNTU
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    http://secunia.com/advisories/20457 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-05-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:51:04.651Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "18078",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/18078"
              },
              {
                "name": "RHSA-2006:0541",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
              },
              {
                "name": "20513",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20513"
              },
              {
                "name": "20422",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20422"
              },
              {
                "name": "20199",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20199"
              },
              {
                "name": "oval:org.mitre.oval:def:11224",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224"
              },
              {
                "name": "SUSE-SR:2006:012",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
              },
              {
                "name": "1016203",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1016203"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://kandangjamur.net/tutorial/dia.txt"
              },
              {
                "name": "20254",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20254"
              },
              {
                "name": "25699",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/25699"
              },
              {
                "name": "MDKSA-2006:093",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
              },
              {
                "name": "ADV-2006-1908",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/1908"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://bugzilla.gnome.org/show_bug.cgi?id=342111"
              },
              {
                "name": "20339",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20339"
              },
              {
                "name": "20060506 DIA file name handling format string",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULN-DEV",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/82/433313/30/0/threaded"
              },
              {
                "name": "USN-286-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/286-1/"
              },
              {
                "name": "GLSA-200606-03",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
              },
              {
                "name": "20457",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/20457"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-05-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename.  NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "18078",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/18078"
            },
            {
              "name": "RHSA-2006:0541",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
            },
            {
              "name": "20513",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20513"
            },
            {
              "name": "20422",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20422"
            },
            {
              "name": "20199",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20199"
            },
            {
              "name": "oval:org.mitre.oval:def:11224",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224"
            },
            {
              "name": "SUSE-SR:2006:012",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
            },
            {
              "name": "1016203",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1016203"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://kandangjamur.net/tutorial/dia.txt"
            },
            {
              "name": "20254",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20254"
            },
            {
              "name": "25699",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/25699"
            },
            {
              "name": "MDKSA-2006:093",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
            },
            {
              "name": "ADV-2006-1908",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/1908"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://bugzilla.gnome.org/show_bug.cgi?id=342111"
            },
            {
              "name": "20339",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20339"
            },
            {
              "name": "20060506 DIA file name handling format string",
              "tags": [
                "mailing-list",
                "x_refsource_VULN-DEV"
              ],
              "url": "http://www.securityfocus.com/archive/82/433313/30/0/threaded"
            },
            {
              "name": "USN-286-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/286-1/"
            },
            {
              "name": "GLSA-200606-03",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
            },
            {
              "name": "20457",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/20457"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-2480",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename.  NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "18078",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/18078"
                },
                {
                  "name": "RHSA-2006:0541",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2006-0541.html"
                },
                {
                  "name": "20513",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20513"
                },
                {
                  "name": "20422",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20422"
                },
                {
                  "name": "20199",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20199"
                },
                {
                  "name": "oval:org.mitre.oval:def:11224",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224"
                },
                {
                  "name": "SUSE-SR:2006:012",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2006-06-02.html"
                },
                {
                  "name": "1016203",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1016203"
                },
                {
                  "name": "http://kandangjamur.net/tutorial/dia.txt",
                  "refsource": "MISC",
                  "url": "http://kandangjamur.net/tutorial/dia.txt"
                },
                {
                  "name": "20254",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20254"
                },
                {
                  "name": "25699",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/25699"
                },
                {
                  "name": "MDKSA-2006:093",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:093"
                },
                {
                  "name": "ADV-2006-1908",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/1908"
                },
                {
                  "name": "http://bugzilla.gnome.org/show_bug.cgi?id=342111",
                  "refsource": "CONFIRM",
                  "url": "http://bugzilla.gnome.org/show_bug.cgi?id=342111"
                },
                {
                  "name": "20339",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20339"
                },
                {
                  "name": "20060506 DIA file name handling format string",
                  "refsource": "VULN-DEV",
                  "url": "http://www.securityfocus.com/archive/82/433313/30/0/threaded"
                },
                {
                  "name": "USN-286-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/286-1/"
                },
                {
                  "name": "GLSA-200606-03",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml"
                },
                {
                  "name": "20457",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/20457"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-2480",
        "datePublished": "2006-05-19T21:00:00.000Z",
        "dateReserved": "2006-05-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:51:04.651Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-1550 (GCVE-0-2006-1550)

    Vulnerability from cvelistv5 – Published: 2006-03-30 23:00 – Updated: 2024-08-07 17:19
    VLAI
    Summary
    Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.redhat.com/support/errata/RHSA-2006-02… vendor-advisoryx_refsource_REDHAT
    http://mail.gnome.org/archives/dia-list/2006-Marc… mailing-listx_refsource_MLIST
    http://www.securityfocus.com/bid/17310 vdb-entryx_refsource_BID
    http://www.debian.org/security/2006/dsa-1025 vendor-advisoryx_refsource_DEBIAN
    http://secunia.com/advisories/19505 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/19765 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/19469 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/archive/1/429357/100… mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/19507 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/19959 third-party-advisoryx_refsource_SECUNIA
    http://securitytracker.com/id?1015853 vdb-entryx_refsource_SECTRACK
    http://www.gentoo.org/security/en/glsa/glsa-20060… vendor-advisoryx_refsource_GENTOO
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://secunia.com/advisories/19546 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/archives/fedora-announce-li… vendor-advisoryx_refsource_FEDORA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://usn.ubuntu.com/266-1/ vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/19897 third-party-advisoryx_refsource_SECUNIA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/19543 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2006-03-29 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T17:19:48.321Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MDKSA-2006:062",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:062"
              },
              {
                "name": "RHSA-2006:0280",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2006-0280.html"
              },
              {
                "name": "[dia-list] 20060329 Vulnerability in xfig import code",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html"
              },
              {
                "name": "17310",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17310"
              },
              {
                "name": "DSA-1025",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1025"
              },
              {
                "name": "19505",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19505"
              },
              {
                "name": "19765",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19765"
              },
              {
                "name": "19469",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19469"
              },
              {
                "name": "20060329 Buffer overflows in Dia XFig import",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/429357/100/0/threaded"
              },
              {
                "name": "19507",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19507"
              },
              {
                "name": "19959",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19959"
              },
              {
                "name": "1015853",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015853"
              },
              {
                "name": "GLSA-200604-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-14.xml"
              },
              {
                "name": "oval:org.mitre.oval:def:10361",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10361"
              },
              {
                "name": "19546",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19546"
              },
              {
                "name": "FEDORA-2006-261",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00021.html"
              },
              {
                "name": "diaxfig-xfig-import-bo(25566)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25566"
              },
              {
                "name": "USN-266-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/266-1/"
              },
              {
                "name": "19897",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19897"
              },
              {
                "name": "SUSE-SR:2006:009",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
              },
              {
                "name": "19543",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/19543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-03-29T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-18T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "MDKSA-2006:062",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:062"
            },
            {
              "name": "RHSA-2006:0280",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2006-0280.html"
            },
            {
              "name": "[dia-list] 20060329 Vulnerability in xfig import code",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html"
            },
            {
              "name": "17310",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17310"
            },
            {
              "name": "DSA-1025",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1025"
            },
            {
              "name": "19505",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19505"
            },
            {
              "name": "19765",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19765"
            },
            {
              "name": "19469",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19469"
            },
            {
              "name": "20060329 Buffer overflows in Dia XFig import",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/429357/100/0/threaded"
            },
            {
              "name": "19507",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19507"
            },
            {
              "name": "19959",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19959"
            },
            {
              "name": "1015853",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015853"
            },
            {
              "name": "GLSA-200604-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200604-14.xml"
            },
            {
              "name": "oval:org.mitre.oval:def:10361",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10361"
            },
            {
              "name": "19546",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19546"
            },
            {
              "name": "FEDORA-2006-261",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00021.html"
            },
            {
              "name": "diaxfig-xfig-import-bo(25566)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25566"
            },
            {
              "name": "USN-266-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/266-1/"
            },
            {
              "name": "19897",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19897"
            },
            {
              "name": "SUSE-SR:2006:009",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2006_04_28.html"
            },
            {
              "name": "19543",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/19543"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2006-1550",
        "datePublished": "2006-03-30T23:00:00.000Z",
        "dateReserved": "2006-03-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T17:19:48.321Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2966 (GCVE-0-2005-2966)

    Vulnerability from cvelistv5 – Published: 2005-10-05 04:00 – Updated: 2024-08-07 22:53
    VLAI
    Summary
    The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/17059 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17047 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/17095 third-party-advisoryx_refsource_SECUNIA
    http://www.debian.org/security/2005/dsa-847 vendor-advisoryx_refsource_DEBIAN
    http://www.vupen.com/english/advisories/2005/1950 vdb-entryx_refsource_VUPEN
    http://www.gentoo.org/security/en/glsa/glsa-20051… vendor-advisoryx_refsource_GENTOO
    http://www.debian.org/security/2006/dsa-1025 vendor-advisoryx_refsource_DEBIAN
    http://www.securityfocus.com/bid/15000 vdb-entryx_refsource_BID
    http://secunia.com/advisories/17083 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    http://www.novell.com/linux/security/advisories/2… vendor-advisoryx_refsource_SUSE
    https://usn.ubuntu.com/193-1/ vendor-advisoryx_refsource_UBUNTU
    http://secunia.com/advisories/17108 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2005-10-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:53:29.715Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "17059",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17059"
              },
              {
                "name": "17047",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17047"
              },
              {
                "name": "17095",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17095"
              },
              {
                "name": "DSA-847",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-847"
              },
              {
                "name": "ADV-2005-1950",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/1950"
              },
              {
                "name": "GLSA-200510-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml"
              },
              {
                "name": "DSA-1025",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2006/dsa-1025"
              },
              {
                "name": "15000",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/15000"
              },
              {
                "name": "17083",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17083"
              },
              {
                "name": "MDKSA-2005:187",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:187"
              },
              {
                "name": "SUSE-SR:2005:022",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html"
              },
              {
                "name": "USN-193-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/193-1/"
              },
              {
                "name": "17108",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17108"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-10-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-03T20:57:01.000Z",
            "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            "shortName": "debian"
          },
          "references": [
            {
              "name": "17059",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17059"
            },
            {
              "name": "17047",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17047"
            },
            {
              "name": "17095",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17095"
            },
            {
              "name": "DSA-847",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-847"
            },
            {
              "name": "ADV-2005-1950",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/1950"
            },
            {
              "name": "GLSA-200510-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml"
            },
            {
              "name": "DSA-1025",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2006/dsa-1025"
            },
            {
              "name": "15000",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/15000"
            },
            {
              "name": "17083",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17083"
            },
            {
              "name": "MDKSA-2005:187",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:187"
            },
            {
              "name": "SUSE-SR:2005:022",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html"
            },
            {
              "name": "USN-193-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/193-1/"
            },
            {
              "name": "17108",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17108"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@debian.org",
              "ID": "CVE-2005-2966",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "17059",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17059"
                },
                {
                  "name": "17047",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17047"
                },
                {
                  "name": "17095",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17095"
                },
                {
                  "name": "DSA-847",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-847"
                },
                {
                  "name": "ADV-2005-1950",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/1950"
                },
                {
                  "name": "GLSA-200510-06",
                  "refsource": "GENTOO",
                  "url": "http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml"
                },
                {
                  "name": "DSA-1025",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2006/dsa-1025"
                },
                {
                  "name": "15000",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/15000"
                },
                {
                  "name": "17083",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17083"
                },
                {
                  "name": "MDKSA-2005:187",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:187"
                },
                {
                  "name": "SUSE-SR:2005:022",
                  "refsource": "SUSE",
                  "url": "http://www.novell.com/linux/security/advisories/2005_22_sr.html"
                },
                {
                  "name": "USN-193-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/193-1/"
                },
                {
                  "name": "17108",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17108"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5",
        "assignerShortName": "debian",
        "cveId": "CVE-2005-2966",
        "datePublished": "2005-10-05T04:00:00.000Z",
        "dateReserved": "2005-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:53:29.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }