The remote host is missing an update to dia announced via advisory MDKSA-2006:062.
Three buffer overflows were discovered by infamous41md in dia's xfig import code. This could allow for user-complicit attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth.
Updated packages have been patched to correct this issue.
Affected: 2006.0, Corporate 3.0
Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.