CVE-2005-2966

EPSS 2.5%

dia - missing input sanitising

發布日:2005/10/5修改日:2026/4/28

也稱為:DEBIAN-CVE-2005-2966

描述

The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.

受影響套件(2)

Debian/diafrom 0, < 0.94.0-15
Debian/diafrom 0, < 0.94.0-7sarge1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-2966