Debian Security Advisory DSA 1025-1 (dia) Network Vulnerability

Summary

The remote host is missing an update to dia announced via advisory DSA 1025-1. infamous41md discovered three buffer overflow errors in the xfig import code of dia, a diagram editor, that can lead to the execution of arbitrary code. For the old stable distribution (woody) these problems have been fixed in version 0.88.1-3woody1.

Solution

For the stable distribution (sarge) these problems have been fixed in version 0.94.0-7sarge3. For the unstable distribution (sid) these problems have been fixed in version 0.94.0-18. We recommend that you upgrade your dia package. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201025-1

Severity

Classification

CVE CVE-2005-2966

CVSS	Base Score: 5.1 AV:N/AC:H/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1022-1 (storebackup)
Debian Security Advisory DSA 1065-1 (hostapd)
Debian Security Advisory DSA 1112-1 (mysql-dfsg-4.1)
Debian Security Advisory DSA 1111-2 (kernel-source-2.6.8 et. al.)
Debian Security Advisory DSA 1119-1 (hiki)

Take action and discover your vulnerabilities