CVE-2006-2480

Dia - Format String Vulnerability

Title source: rule

Description

Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename. NOTE: the original exploit was demonstrated through a command line argument, but there are other mechanisms for input that are automatically processed by Dia, such as a crafted .dia file.

Exploits (1)

exploitdb WRITEUP VERIFIED

by KaDaL-X · textdoslinux

https://www.exploit-db.com/exploits/27903

View Code ZIP pw:eip

References (19)

Core 19

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/18078

Vendor Advisory vendor-advisory x_refsource_redhat

http://www.redhat.com/support/errata/RHSA-2006-0541.html

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20513

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20422

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20199

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11224

Vendor Advisory vendor-advisory x_refsource_suse

http://www.novell.com/linux/security/advisories/2006-06-02.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1016203

Exploit x_refsource_misc

http://kandangjamur.net/tutorial/dia.txt

Patch, Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20254

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://www.osvdb.org/25699

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDKSA-2006:093

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2006/1908

Exploit x_refsource_confirm

http://bugzilla.gnome.org/show_bug.cgi?id=342111

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20339

Exploit mailing-list x_refsource_vuln-dev

http://www.securityfocus.com/archive/82/433313/30/0/threaded

Vendor Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/286-1/

Third Party Advisory vendor-advisory x_refsource_gentoo

http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/20457

Scores

EPSS 0.2265

EPSS Percentile 95.9%

Details

CWE

CWE-134

Status published

Products (1)

dia/dia 0.94

Published May 19, 2006

Tracked Since Feb 18, 2026