{"id":"CVE-2006-1550","details":"Multiple buffer overflows in the xfig import code (xfig-import.c) in Dia 0.87 and later before 0.95-pre6 allow user-assisted attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid (1) color index, (2) number of points, or (3) depth.","modified":"2025-08-09T19:01:27Z","published":"2006-03-30T23:02:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/19469"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19505"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19507"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19543"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19546"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19765"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19897"},{"type":"ADVISORY","url":"http://secunia.com/advisories/19959"},{"type":"ADVISORY","url":"http://www.debian.org/security/2006/dsa-1025"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDKSA-2006:062"},{"type":"ADVISORY","url":"http://www.novell.com/linux/security/advisories/2006_04_28.html"},{"type":"FIX","url":"http://www.securityfocus.com/bid/17310"},{"type":"WEB","url":"http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html"},{"type":"WEB","url":"http://securitytracker.com/id?1015853"},{"type":"WEB","url":"http://www.gentoo.org/security/en/glsa/glsa-200604-14.xml"},{"type":"WEB","url":"http://www.redhat.com/archives/fedora-announce-list/2006-April/msg00021.html"},{"type":"WEB","url":"http://www.redhat.com/support/errata/RHSA-2006-0280.html"},{"type":"WEB","url":"http://www.securityfocus.com/archive/1/429357/100/0/threaded"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/25566"},{"type":"WEB","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10361"},{"type":"WEB","url":"https://usn.ubuntu.com/266-1/"}],"schema_version":"1.7.3"}