Unrated severityNVD Advisory· Published Mar 30, 2006· Updated Apr 16, 2026

CVE-2006-1550

Description

Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.

Affected products

Dia/Dia6 versions
cpe:2.3:a:dia:dia:0.87:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:dia:dia:0.87:*:*:*:*:*:*:*
- cpe:2.3:a:dia:dia:0.88.1:*:*:*:*:*:*:*
- cpe:2.3:a:dia:dia:0.91:*:*:*:*:*:*:*
- cpe:2.3:a:dia:dia:0.92.2:*:*:*:*:*:*:*
- cpe:2.3:a:dia:dia:0.93:*:*:*:*:*:*:*
- cpe:2.3:a:dia:dia:0.94:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/17310nvdPatch
secunia.com/advisories/19469nvdVendor Advisory
secunia.com/advisories/19505nvdVendor Advisory
secunia.com/advisories/19507nvdVendor Advisory
secunia.com/advisories/19543nvdVendor Advisory
secunia.com/advisories/19546nvdVendor Advisory
secunia.com/advisories/19765nvdVendor Advisory
secunia.com/advisories/19897nvdVendor Advisory
secunia.com/advisories/19959nvdVendor Advisory
mail.gnome.org/archives/dia-list/2006-March/msg00149.htmlnvd
securitytracker.com/idnvd
www.debian.org/security/2006/dsa-1025nvd
www.gentoo.org/security/en/glsa/glsa-200604-14.xmlnvd
www.mandriva.com/security/advisoriesnvd
www.novell.com/linux/security/advisories/2006_04_28.htmlnvd
www.redhat.com/archives/fedora-announce-list/2006-April/msg00021.htmlnvd
www.redhat.com/support/errata/RHSA-2006-0280.htmlnvd
www.securityfocus.com/archive/1/429357/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/25566nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10361nvd
usn.ubuntu.com/266-1/nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000