CVE-2005-2966 - Remote Arbitrary Code Execution vulnerability in DIA 0.91/0.92.2/0.93
CVSS 5.1 - MEDIUM
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL

Summary

The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.

Vulnerable Configurations

Part         Description  Count
Application  Dia          4

Nessus

  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-200510-06.NASL
    description: The remote host is affected by the vulnerability described in GLSA-200510-06 (Dia: Arbitrary code execution through SVG import). Joxean Koret discovered that the SVG import plugin in Dia fails to properly sanitise data read from an SVG file. Impact: An attacker could create a specially crafted SVG file, which, when imported into Dia, could lead to the execution of arbitrary code. Workaround: There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 19976
    published: 2005-10-11
    reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/19976
    title: GLSA-200510-06 : Dia: Arbitrary code execution through SVG import
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-193-1.NASL
    description: Joxean Koret discovered that the SVG import plugin did not properly sanitise data read from an SVG file. By tricking a user into opening a specially crafted SVG file, an attacker could exploit this to execute arbitrary code with the privileges of the user. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 20607
    published: 2006-01-15
    reporter: Ubuntu Security Notice (C) 2005-2019 Canonical, Inc. / NASL script (C) 2006-2016 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/20607
    title: Ubuntu 5.04 : dia vulnerability (USN-193-1)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2005-187.NASL
    description: Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code. The updated packages have been patched to address this issue.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 20432
    published: 2006-01-15
    reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/20432
    title: Mandrake Linux Security Advisory : dia (MDKSA-2005:187)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-1025.NASL
    description: 'infamous41md
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 22567
    published: 2006-10-14
    reporter: This script is Copyright (C) 2006-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/22567
    title: Debian DSA-1025-1 : dia - programming error
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-847.NASL
    description: Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitise data read from an SVG file and is hence vulnerable to execute arbitrary Python code.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 19955
    published: 2005-10-11
    reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/19955
    title: Debian DSA-847-1 : dia - missing input sanitising