Debian Security Advisory DSA 1025-1 (dia) Network Vulnerability

Summary

The remote host is missing an update to dia announced via advisory DSA 1025-1. infamous41md discovered three buffer overflow errors in the xfig import code of dia, a diagram editor, that can lead to the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version 0.88.1-3woody1.

Solution

For the stable distribution (sarge) these problems have been fixed in version 0.94.0-7sarge3. For the unstable distribution (sid) these problems have been fixed in version 0.94.0-18. We recommend that you upgrade your dia package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201025-1

Severity

Classification

CVE CVE-2005-2966
CVSS Base Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 023-1 (inn2)
Debian Security Advisory DSA 1105-1 (xine-lib)
Debian Security Advisory DSA 025-1 (openssh)
Debian Security Advisory DSA 1059-1 (quagga)
Debian Security Advisory DSA 1135-1 (libtunepimp)

Take action and discover your vulnerabilities