OSVDB ID: 25699

Title: Dia File Name Handling Local Format String

Dates

Disclosure: May 05, 2006
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

Dia contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when a file whose name contains format string characters is opened through the 'Open Diagram' dialog box. It is possible that the flaw may allow arbitrary code execution, resulting in a loss of integrity.
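The bug class described above, as an added example that is not Dia's code and not part of the OSVDB entry. The entry does not say which call is affected, so `format_open_message` and `has_format_directive` are hypothetical helpers: the first keeps a file name as data behind a constant format string, the second flags names that carry printf-style directives.

```c
#include <stdio.h>
#include <string.h>

/* Vulnerable pattern, shown only as a comment for contrast:
 *
 *     snprintf(out, n, filename);
 *
 * Here the user-controlled file name IS the format string, so any
 * conversion directive inside it is interpreted by the formatter. */

/* Hardened form (hypothetical helper): the format is a constant and the
 * file name is passed as an argument, so it is copied out literally. */
int format_open_message(char *out, size_t n, const char *filename)
{
    return snprintf(out, n, "Could not open '%s'", filename);
}

/* Returns 1 if the name contains a '%' that is not an escaped "%%".
 * Useful for logging or triage of suspicious file names; it does not
 * replace the constant-format fix above. */
int has_format_directive(const char *name)
{
    for (const char *p = name; *p; p++) {
        if (*p != '%')
            continue;
        if (p[1] == '%') {   /* "%%" is a literal percent sign */
            p++;
            continue;
        }
        return 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed sample names, not taken from the advisory. */
    const char *names[] = { "network.dia", "report_%x_%n.dia", "100%%.dia" };
    char msg[128];

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        format_open_message(msg, sizeof msg, names[i]);
        printf("%-40s directive=%d\n", msg, has_format_directive(names[i]));
    }
    return 0;
}
```

Building with `-Wformat -Wformat-security` (GCC and Clang) reports calls where a non-literal string is used as the format with no arguments.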

Classification

Location: Remote / Network Access, Local / Remote, Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified

Solution

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Products

Dia

Dia

0.94

References

Credit

  • KaDaL-X - king_purbayahoo.co.uk - http://kandangjamur.net/


Direct URL: http://osvdb.org/25699