CVE-2006-2453

NameCVE-2006-2453
DescriptionMultiple unspecified format string vulnerabilities in Dia have unspecified impact and attack vectors, a different set of issues than CVE-2006-2480.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs368202

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dia (PTS)bullseye0.97.3+git20160930-9fixed
bookworm0.97.3+git20220525-5fixed
sid, trixie0.98+git20240814-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
diasource(unstable)0.95.0-4medium368202

Notes

[sarge] - dia <no-dsa> (Hardly exploitable, would require obviously malformed file names)

Search for package or bug name: Reporting problems