Arbitrary Command Execution Vulnerability in Python SVG Import Plugin for DIA

CVE-2005-2966 · MEDIUM Severity

AV:N/AC:H/AU:N/C:P/I:P/A:P

The Python SVG import plugin (diasvg_import.py) for DIA 0.94 and earlier allows user-assisted attackers to execute arbitrary commands via a crafted SVG file.

Learn more about our User Device Pen Test.