FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
b5fc63ad-c4c3-11da-9699-00123ffe8333	dia -- XFig Import Plugin Buffer Overflow Secunia reports: Some vulnerabilities have been reported in Dia, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors within the XFig import plugin. This can be exploited to cause buffer overflows and may allow arbitrary code execution when a specially-crafted FIG file is imported. Discovery 2006-03-31 Entry 2006-04-05 dia dia-gnome > 0.86_1 lt 0.94_6,1 CVE-2006-1550 http://secunia.com/advisories/19469/ http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html
25eb365c-fd11-11dd-8424-c213de35965d	dia -- remote command execution vulnerability Security Focus reports: An attacker could exploit this issue by enticing an unsuspecting victim to execute the vulnerable application in a directory containing a malicious Python file. A successful exploit will allow arbitrary Python commands to run within the privileges of the currently logged-in user. Discovery 2009-01-26 Entry 2009-02-17 dia < 0.96.1_6,1 33448 CVE-2008-5984 http://secunia.com/advisories/33672

VuXML ID

Description

b5fc63ad-c4c3-11da-9699-00123ffe8333

dia -- XFig Import Plugin Buffer Overflow

Secunia reports:

Some vulnerabilities have been reported in Dia, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the XFig import plugin. This can be exploited to cause buffer overflows and may allow arbitrary code execution when a specially-crafted FIG file is imported.

Discovery 2006-03-31
Entry 2006-04-05
dia
dia-gnome

> 0.86_1 lt 0.94_6,1

CVE-2006-1550
http://secunia.com/advisories/19469/
http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html

25eb365c-fd11-11dd-8424-c213de35965d

dia -- remote command execution vulnerability

Security Focus reports:

An attacker could exploit this issue by enticing an unsuspecting victim to execute the vulnerable application in a directory containing a malicious Python file. A successful exploit will allow arbitrary Python commands to run within the privileges of the currently logged-in user.

Discovery 2009-01-26
Entry 2009-02-17
dia

< 0.96.1_6,1

33448
CVE-2008-5984
http://secunia.com/advisories/33672