
CVSS: 5.5 | EPSS: 0% | CPEs: 4 | EXPL: 0

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's logging facility (potentially with elevated privileges), thus filling up the disk and eventually rendering the system unusable. (The filename can be for a nonexistent file.) NOTE: this does not affect an upstream release, but affects certain Linux distribution packages with version numbers such as 0.97.3.
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00019.html
• https://gitlab.gnome.org/GNOME/dia/issues/428
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KTGLGWHINMTDRFL7RZAJZJM5YSVXUXWW
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKLQU2XBM4BGRKOF3L4C5QCPBUNTKEUN
• CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop')

CVSS: 7.5 | EPSS: 0% | CPEs: 1 | EXPL: 0

Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
• http://secunia.com/advisories/25810
• http://sourceforge.net/forum/forum.php?forum_id=709959
• http://www.vupen.com/english/advisories/2007/2328

CVSS: 5.1 | EPSS: 1% | CPEs: 1 | EXPL: 4

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file.
• https://www.exploit-db.com/exploits/27903
• http://bugzilla.gnome.org/show_bug.cgi?id=342111
• http://kandangjamur.net/tutorial/dia.txt
• http://secunia.com/advisories/20199
• http://secunia.com/advisories/20254
• http://secunia.com/advisories/20339
• http://secunia.com/advisories/20422
• http://secunia.com/advisories/20457
• http://secunia.com/advisories/20513
• http://securitytracker.com/id?1016203
• http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml
• http://www.mandriva.com/s
• CWE-134: Use of Externally-Controlled Format String

CVSS: 7.6 | EPSS: 1% | CPEs: 6 | EXPL: 0

Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.
• http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html
• http://secunia.com/advisories/19469
• http://secunia.com/advisories/19505
• http://secunia.com/advisories/19507
• http://secunia.com/advisories/19543
• http://secunia.com/advisories/19546
• http://secunia.com/advisories/19765
• http://secunia.com/advisories/19897
• http://secunia.com/advisories/19959
• http://securitytracker.com/id?1015853
• http://www.debian.org/security/2006/dsa-1025
• http://www.gentoo.org/security/en/gls
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 5.1 | EPSS: 3% | CPEs: 4 | EXPL: 1

The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
• http://secunia.com/advisories/17047
• http://secunia.com/advisories/17059
• http://secunia.com/advisories/17083
• http://secunia.com/advisories/17095
• http://secunia.com/advisories/17108
• http://www.debian.org/security/2005/dsa-847
• http://www.debian.org/security/2006/dsa-1025
• http://www.gentoo.org/security/en/glsa/glsa-200510-06.xml
• http://www.mandriva.com/security/advisories?name=MDKSA-2005:187
• http://www.novell.com/linux/security/advisories/2005_22_sr.html
• http://www