Dia xfig file buffer overflow vulnerabilities

Date Discovered: May 3, 2006
Date Published: May 5, 2006
Last Updated: May 5, 2006

Threat Assessment
Overall Risk: Medium
Impact: High
Popularity: Medium
Simplicity: Low

Vulnerability Description
Vulnerability ID: 34109
Discovered By: infamous41md
Exploitable Locally: No
Exploitable Remotely: Yes
Impact: Remote attackers can execute arbitrary code.
Root Cause: Software Vulnerability

The Dia package contains multiple vulnerabilities that can allow an attacker to execute arbitrary code. The vulnerabilities are due to improper bounds checking in the xfig file format importer. An attacker can craft an xfig file that triggers a buffer overflow and results in arbitrary code execution when a user opens it.

Affected Technologies
Red Hat: Red Hat Desktop 4
Red Hat: Red Hat Enterprise Linux AS 2.1 IA64
Red Hat: Red Hat Enterprise Linux AS 4 IA64
Red Hat: Red Hat Enterprise Linux AS 4 IBM S/390
Red Hat: Red Hat Enterprise Linux AS 4 PowerPC
Red Hat: Red Hat Enterprise Linux AS 4 s390x
Red Hat: Red Hat Enterprise Linux AS 4 x86 64
Red Hat: Red Hat Enterprise Linux ES 4 x86 64
Red Hat: Red Hat Enterprise Linux WS 3 IA64
Red Hat: Red Hat Enterprise Linux WS 4 IA64
Red Hat: Red Hat Enterprise Linux WS 4 x86 64
Red Hat: Red Hat Linux Adv Workstation - Itanium Proc 2.1
SuSE: Red Hat Enterprise Linux AS 2.1 x86
SuSE: Red Hat Enterprise Linux AS 4 x86
SuSE: Red Hat Enterprise Linux ES 2.1 x86
SuSE: Red Hat Enterprise Linux ES 4 x86
SuSE: Red Hat Enterprise Linux WS 2.1 x86
SuSE: Red Hat Enterprise Linux WS 4 x86

References
Mitre CVE: CVE-2006-1550
Red Hat: RHSA-2006:0280

More information on CA Vulnerability Information Center
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34109
