Dia: Arbitrary code execution through SVG import — GLSA 200510-06

Improperly sanitised data in Dia allows remote attackers to execute arbitrary code.

Affected Packages

app-office/dia on all architectures
Affected versions < 0.94-r3
Unaffected versions >= 0.94-r3

Background

Dia is a gtk+ based diagram creation program released under the GPL license.

Description

Joxean Koret discovered that the SVG import plugin in Dia fails to properly sanitise data read from an SVG file.

Impact

An attacker could create a specially crafted SVG file, which, when imported into Dia, could lead to the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All Dia users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=app-office/dia-0.94-r3"

References

Release Date
October 06, 2005

Latest Revision
October 06, 2005: 01

Severity
normal

Exploitable
remote

Bugzilla entries