rpm package
opensuse/dia&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/dia&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2008-5984 | — | < 0.97.3-4.13 | 0.97.3-4.13 | Jan 28, 2009 | Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-59 | ||
| CVE-2006-2453 | — | < 0.97.3-11.1 | 0.97.3-11.1 | May 28, 2006 | Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480. | ||
| CVE-2006-2480 | — | < 0.97.3-11.1 | 0.97.3-11.1 | May 19, 2006 | Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demon |
- CVE-2008-5984Jan 28, 2009affected < 0.97.3-4.13fixed 0.97.3-4.13
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-59
- CVE-2006-2453May 28, 2006affected < 0.97.3-11.1fixed 0.97.3-11.1
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
- CVE-2006-2480May 19, 2006affected < 0.97.3-11.1fixed 0.97.3-11.1
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demon