|Category:||Mandrake Local Security Checks|
|Title:||Mandrake Security Advisory MDKSA-2006:062 (dia)|
|Summary:||Mandrake Security Advisory MDKSA-2006:062 (dia)|
The remote host is missing an update to dia
announced via advisory MDKSA-2006:062.
Three buffer overflows were discovered by infamous41md in dia's xfig
import code. This could allow for user-complicit attackers to have
an unknown impact via a crafted xfig file, possibly involving an
invalid color index, number of points, or depth.
Updated packages have been patched to correct this issue.
Affected: 2006.0, Corporate 3.0
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
Risk factor : High
BugTraq ID: 17310|
Common Vulnerability Exposure (CVE) ID: CVE-2006-1550
Bugtraq: 20060329 Buffer overflows in Dia XFig import (Google Search)
Debian Security Information: DSA-1025 (Google Search)
SuSE Security Announcement: SUSE-SR:2006:009 (Google Search)
XForce ISS Database: diaxfig-xfig-import-bo(25566)
|Copyright||Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com|
|This is only one of 40246 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.