Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1550

Overview

Vulnerability Score 7.6 7.6
CVE Id CVE-2006-1550
Last Modified 21 Aug 2010 12:00:00
Published 30 Mar 2006 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2006-1550

Summary

Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.

Vulnerable Systems

Application

  • Dia 0.87

  • Dia 0.88.1

  • Dia 0.91

  • Dia 0.92.2

  • Dia 0.93

  • Dia 0.94


References

BID - 17310

XF - diaxfig-xfig-import-bo(25566)

UBUNTU - USN-266-1

BUGTRAQ - 20060329 Buffer overflows in Dia XFig import

REDHAT - RHSA-2006:0280

FEDORA - FEDORA-2006-261

SUSE - SUSE-SR:2006:009

MANDRIVA - MDKSA-2006:062

GENTOO - GLSA-200604-14

DEBIAN - DSA-1025

SECTRACK - 1015853

SECUNIA - 19959

SECUNIA - 19897

SECUNIA - 19765

SECUNIA - 19546

SECUNIA - 19543

SECUNIA - 19507

SECUNIA - 19505

SECUNIA - 19469

MLIST - [dia-list] 20060329 Vulnerability in xfig import code


Last Updated: 27 May 2016 10:42:06