FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  499710
Date:      2019-04-23
Time:      03:03:40Z
Committer: cy

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
25eb365c-fd11-11dd-8424-c213de35965ddia -- remote command execution vulnerability

Security Focus reports:

An attacker could exploit this issue by enticing an unsuspecting victim to execute the vulnerable application in a directory containing a malicious Python file. A successful exploit will allow arbitrary Python commands to run within the privileges of the currently logged-in user.


Discovery 2009-01-26
Entry 2009-02-17
dia
lt 0.96.1_6,1

33448
CVE-2008-5984
http://secunia.com/advisories/33672
b5fc63ad-c4c3-11da-9699-00123ffe8333dia -- XFig Import Plugin Buffer Overflow

Secunia reports:

Some vulnerabilities have been reported in Dia, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the XFig import plugin. This can be exploited to cause buffer overflows and may allow arbitrary code execution when a specially-crafted FIG file is imported.


Discovery 2006-03-31
Entry 2006-04-05
dia
dia-gnome
gt 0.86_1 lt 0.94_6,1

CVE-2006-1550
http://secunia.com/advisories/19469/
http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html
b5fc63ad-c4c3-11da-9699-00123ffe8333dia -- XFig Import Plugin Buffer Overflow

Secunia reports:

Some vulnerabilities have been reported in Dia, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerabilities are caused due to boundary errors within the XFig import plugin. This can be exploited to cause buffer overflows and may allow arbitrary code execution when a specially-crafted FIG file is imported.


Discovery 2006-03-31
Entry 2006-04-05
dia
dia-gnome
gt 0.86_1 lt 0.94_6,1

CVE-2006-1550
http://secunia.com/advisories/19469/
http://mail.gnome.org/archives/dia-list/2006-March/msg00149.html
25eb365c-fd11-11dd-8424-c213de35965ddia -- remote command execution vulnerability

Security Focus reports:

An attacker could exploit this issue by enticing an unsuspecting victim to execute the vulnerable application in a directory containing a malicious Python file. A successful exploit will allow arbitrary Python commands to run within the privileges of the currently logged-in user.


Discovery 2009-01-26
Entry 2009-02-17
dia
lt 0.96.1_6,1

33448
CVE-2008-5984
http://secunia.com/advisories/33672