Package name
dia
Date
2006-05-30
Advisory ID
MDKSA-2006:093
Affected versions
CS3.0 i586 , 2006.0 i586 , 2006.0 x86_64 , CS3.0 x86_64

Problem description

A format string vulnerability in Dia allows user-complicit
attackers to cause a denial of service (crash) and possibly execute
arbitrary code by triggering errors or warnings, as demonstrated via
format string specifiers in a .bmp filename. NOTE: the original
exploit was demonstrated through a command line argument, but there
are other mechanisms inputs that are automatically process by Dia,
such as a crafted .dia file. (CVE-2006-2480)

Multiple unspecified format string vulnerabilities in Dia have
unspecified impact and attack vectors, a different set of issues
than CVE-2006-2480. (CVE-2006-2453)

Packages have been patched to correct this issue.

Updated packages

CS3.0 i586

 14773513eee38d6a2ef7c162fedfc0b9  corporate/3.0/RPMS/dia-0.92.2-2.3.C30mdk.i586.rpm
 60df291bbe184fdd06564147555eb0e4  corporate/3.0/SRPMS/dia-0.92.2-2.3.C30mdk.src.rpm

2006.0 i586

 25f39bc046f44931e37df109581e87b9  2006.0/RPMS/dia-0.94-6.4.20060mdk.i586.rpm
 f19385acd5189ebc01114fc225fd9320  2006.0/SRPMS/dia-0.94-6.4.20060mdk.src.rpm

2006.0 x86_64

 924a511192a32723ccc93121694b224b  x86_64/2006.0/RPMS/dia-0.94-6.4.20060mdk.x86_64.rpm
 f19385acd5189ebc01114fc225fd9320  x86_64/2006.0/SRPMS/dia-0.94-6.4.20060mdk.src.rpm

CS3.0 x86_64

 3df4b2245403861a7b36c6acaa056ac7  x86_64/corporate/3.0/RPMS/dia-0.92.2-2.3.C30mdk.x86_64.rpm
 60df291bbe184fdd06564147555eb0e4  x86_64/corporate/3.0/SRPMS/dia-0.92.2-2.3.C30mdk.src.rpm

References