FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2006-1550

This CVE name corresponds to:

Entered Topic
2006-04-05 dia -- XFig Import Plugin Buffer Overflow

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2006-1550
Phase Assigned (20060330)

Description

Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.

References

Source Reference
BUGTRAQ 20060329 Buffer overflows in Dia XFig import
MLIST [dia-list] 20060329 Vulnerability in xfig import code
DEBIAN DSA-1025
FEDORA FEDORA-2006-261
GENTOO GLSA-200604-14
MANDRIVA MDKSA-2006:062
REDHAT RHSA-2006:0280
SUSE SUSE-SR:2006:009
UBUNTU USN-266-1
BID 17310
OVAL oval:org.mitre.oval:def:10361
SECTRACK 1015853
SECUNIA 19469
SECUNIA 19505
SECUNIA 19507
SECUNIA 19543
SECUNIA 19546
SECUNIA 19765
SECUNIA 19897
SECUNIA 19959
XF diaxfig-xfig-import-bo(25566)