Jump to content

Advisories (MDKSA-2006:062 ): dia


Recommended Posts

Mandriva Advisories MDKSA-2006:062 : dia


Updated dia packages fix buffer overflow vulnerabilities

April 3rd, 2006


Three buffer overflows were discovered by infamous41md in dia's xfig import code.This could allow for user-complicit attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth. Updated packages have been patched to correct this issue.



The released versions of Mandriva GNU/Linux affected are:

  • CS3.0
  • 2006.0

Full information about this advisory, including the updated packages, is available at:



Other references:




Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)

Link to comment
Share on other sites


  • Create New...