Lucene search

[email protected]CVE-2010-4262

HistoryDec 17, 2010 - 7:00 p.m.

CVE-2010-4262

2010-12-1719:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2010-4262

xfig 3.2.4

xfig 3.2.5

buffer overflow

denial of service

arbitrary code

nvd

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

91.9%

JSON

Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.

CPENameOperatorVersion
xfig:xfigxfigeq3.2.5
xfig:xfigxfigeq3.2.4

CPE	Name	Operator	Version
xfig:xfig	xfig	eq	3.2.5
xfig:xfig	xfig	eq	3.2.4

References

lists.fedoraproject.org/pipermail/package-announce/2010-December/052247.html

secunia.com/advisories/42579

www.mandriva.com/security/advisories?name=MDVSA-2011:010

www.openwall.com/lists/oss-security/2010/12/03/2

www.openwall.com/lists/oss-security/2010/12/06/8

www.securityfocus.com/bid/45177

www.vupen.com/english/advisories/2010/3232

www.vupen.com/english/advisories/2011/0108

bugzilla.redhat.com/show_bug.cgi?id=657981

bugzilla.redhat.com/show_bug.cgi?id=659676

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.039 Low

EPSS

Percentile

91.9%

JSON

Related for CVE-2010-4262

nessus3 fedora1 openvas5 gentoo1 prion1 ubuntucve1 debiancve1 cvelist1 securityvulns2