PT-2006-3428 · Dia+1 · Dia+1

Hans De Goede

Published

2006-05-19

Updated

2024-06-15

CVE-2006-2480

CVSS v2.0

5.1

Medium

Vector

AV:N/AC:H/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Dia version 0.94

Description The issue allows user-assisted attackers to cause a denial of service and possibly execute arbitrary code by triggering errors or warnings. This can be achieved through format string specifiers in a .bmp filename. Other mechanisms for input, such as a crafted .dia file, are also automatically processed by Dia.

Recommendations For Dia version 0.94, avoid using format string specifiers in filenames until a patch is available. As a temporary workaround, consider restricting the use of .bmp and .dia files to minimize the risk of exploitation.

Exploit

Fix

DoS

Use of Externally-Controlled Format String

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-134

Related Identifiers

CVE-2006-2480

OPENSUSE-SU-2024:10716-1

RHSA-2006:0541

RHSA-2006_0541

Affected Products

Dia

Red Hat

PT-2006-3428 · Dia+1 · Dia+1

CVE-2006-2480

Weakness Enumeration

Related Identifiers

Affected Products

References · 30