FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

dia -- remote command execution vulnerability

Affected packages
dia < 0.96.1_6,1


VuXML ID 25eb365c-fd11-11dd-8424-c213de35965d
Discovery 2009-01-26
Entry 2009-02-17

Security Focus reports:

An attacker could exploit this issue by enticing an unsuspecting victim to execute the vulnerable application in a directory containing a malicious Python file. A successful exploit will allow arbitrary Python commands to run within the privileges of the currently logged-in user.


Bugtraq ID 33448
CVE Name CVE-2008-5984