CVE-2007-3408

NameCVE-2007-3408
DescriptionMultiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
dia (PTS)bullseye0.97.3+git20160930-9fixed
bookworm0.97.3+git20220525-5fixed
sid, trixie0.98+git20240814-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
diasource(unstable)(not affected)

Notes

- dia <not-affected> (Windows packaging with bundled FreeType libs)

Search for package or bug name: Reporting problems