blob: d7df00d74028f7e5196ec54a9e7b362b7b68d5a5 [file] [log] [blame]
<?xml version="1.0" encoding="utf-8"?>
<glsa id="200606-03">
<title>Dia: Format string vulnerabilities</title>
Format string vulnerabilities in Dia may lead to the execution of arbitrary
<product type="ebuild">dia</product>
<announced>June 07, 2006</announced>
<revised>June 07, 2006: 01</revised>
<package name="app-office/dia" auto="yes" arch="*">
<unaffected range="ge">0.95.1</unaffected>
<vulnerable range="lt">0.95.1</vulnerable>
Dia is a GTK+ based diagram creation program.
KaDaL-X discovered a format string error within the handling of
filenames. Hans de Goede also discovered several other format
string errors in the processing of dia files.
<impact type="normal">
By enticing a user to open a specially crafted file, a remote
attacker could exploit these vulnerabilities to execute arbitrary code
with the rights of the user running the application.
There is no known workaround at this time.
All Dia users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose &quot;&gt;=app-office/dia-0.95.1&quot;</code>
<uri link="">CVE-2006-2453</uri>
<uri link="">CVE-2006-2480</uri>
<metadata tag="requester" timestamp="Tue, 30 May 2006 16:11:11 +0000">
<metadata tag="submitter" timestamp="Tue, 30 May 2006 23:25:33 +0000">
<metadata tag="bugReady" timestamp="Mon, 05 Jun 2006 17:20:31 +0000">