Vulnerabilities > DIA

DATE CVE VULNERABILITY TITLE RISK
2009-01-28 CVE-2008-5984 Remote Command Execution vulnerability in DIA 0.96.1
Untrusted search path vulnerability in the Python plugin in Dia 0.96.1, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
local
dia
6.9
2007-06-26 CVE-2007-3408 Remote Security vulnerability in DIA
Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
network
low complexity
dia
7.5
2006-05-28 CVE-2006-2453 USE of Externally-Controlled Format String vulnerability in DIA
Multiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
network
low complexity
dia CWE-134
7.5
2006-05-19 CVE-2006-2480 USE of Externally-Controlled Format String vulnerability in DIA 0.94
Format string vulnerability in Dia 0.94 allows user-assisted attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering errors or warnings, as demonstrated via format string specifiers in a .bmp filename.
network
high complexity
dia CWE-134
5.1
2006-03-30 CVE-2006-1550 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in DIA
Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.
network
high complexity
dia CWE-119
7.6
2005-10-05 CVE-2005-2966 Remote Arbitrary Code Execution vulnerability in DIA 0.91/0.92.2/0.93
The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.
network
high complexity
dia
5.1