ID CVE-2005-2966
Summary The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
References
Vulnerable Configurations
  • cpe:2.3:a:dia:dia:0.91
    cpe:2.3:a:dia:dia:0.91
  • cpe:2.3:a:dia:dia:0.92.2
    cpe:2.3:a:dia:dia:0.92.2
  • cpe:2.3:a:dia:dia:0.93
    cpe:2.3:a:dia:dia:0.93
  • cpe:2.3:a:dia:dia:0.94
    cpe:2.3:a:dia:dia:0.94
CVSS
Base: 5.1 (as of 06-10-2005 - 14:40)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1025.NASL
    description 'infamous41md' discovered three buffer overflow errors in the xfig import code of dia, a diagram editor, that can lead to the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 22567
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22567
    title Debian DSA-1025-1 : dia - programming error
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-847.NASL
    description Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code.
    last seen 2019-02-21
    modified 2018-07-20
    plugin id 19955
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19955
    title Debian DSA-847-1 : dia - missing input sanitising
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200510-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-200510-06 (Dia: Arbitrary code execution through SVG import) Joxean Koret discovered that the SVG import plugin in Dia fails to properly sanitise data read from an SVG file. Impact : An attacker could create a specially crafted SVG file, which, when imported into Dia, could lead to the execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 19976
    published 2005-10-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19976
    title GLSA-200510-06 : Dia: Arbitrary code execution through SVG import
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2005-187.NASL
    description Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code. The updated packages have been patched to address this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 20432
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20432
    title Mandrake Linux Security Advisory : dia (MDKSA-2005:187)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-193-1.NASL
    description Joxean Koret discovered that the SVG import plugin did not properly sanitise data read from an SVG file. By tricking an user into opening a specially crafted SVG file, an attacker could exploit this to execute arbitrary code with the privileges of the user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-08-15
    plugin id 20607
    published 2006-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20607
    title Ubuntu 5.04 : dia vulnerability (USN-193-1)
refmap via4
bid 15000
debian
  • DSA-1025
  • DSA-847
gentoo GLSA-200510-06
mandriva MDKSA-2005:187
secunia
  • 17047
  • 17059
  • 17083
  • 17095
  • 17108
suse SUSE-SR:2005:022
ubuntu USN-193-1
vupen ADV-2005-1950
Last major update 16-06-2011 - 00:00
Published 05-10-2005 - 17:02
Last modified 03-10-2018 - 17:31
Back to Top