The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and previous versions allows user-assisted malicious users to execute arbitrary commands via a crafted SVG file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dia dia 0.91 |
||
dia dia 0.92.2 |
||
dia dia 0.93 |
||
dia dia |