The transfig utility creates a makefile which translates FIG (created by xfig) or PIC figures into a specified LaTeX graphics language (for example, PostScript(TM)). Transfig is used to create TeX documents which are portable (i.e., they can be printed in a wide variety of environments). Install transfig if you need a utility for translating FIG or PIC figures into certain graphics languages.
{"mageia": [{"lastseen": "2022-04-18T11:19:35", "description": "An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability (CVE-2021-3561). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-07-27T20:21:53", "type": "mageia", "title": "Updated transfig package fixes a security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2021-07-27T20:21:53", "id": "MGASA-2021-0379", "href": "https://advisories.mageia.org/MGASA-2021-0379.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "redhatcve": [{"lastseen": "2022-06-08T11:08:49", "description": "An Out of Bounds flaw was found in fig2dev utility within transfig. An attacker could use this flaw and provide a crafted input to read_objects() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-05-20T20:14:52", "type": "redhatcve", "title": "CVE-2021-3561", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2022-06-08T08:16:38", "id": "RH:CVE-2021-3561", "href": "https://access.redhat.com/security/cve/cve-2021-3561", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-01-21T20:20:04", "description": "An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds\ncheck in read_objects() could allow an attacker to provide a crafted\nmalicious input causing the application to either crash or in some cases\ncause memory corruption. The highest threat from this vulnerability is to\nintegrity as well as system availability.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[leosilva](<https://launchpad.net/~leosilva>) | shipped fig2dev into transfig for xenial and trusty has not the code affected\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-05-26T00:00:00", "type": "ubuntucve", "title": "CVE-2021-3561", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2021-05-26T00:00:00", "id": "UB:CVE-2021-3561", "href": "https://ubuntu.com/security/CVE-2021-3561", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "nessus": [{"lastseen": "2022-04-11T05:19:14", "description": "The version of transfig installed on the remote host is prior to 3.2.8a-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1682 advisory.\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-07-01T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : transfig (ALAS-2021-1682)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-3561"], "modified": "2021-07-01T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:transfig", "p-cpe:/a:amazon:linux:transfig-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2021-1682.NASL", "href": "https://www.tenable.com/plugins/nessus/151274", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2021-1682.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(151274);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/01\");\n\n script_cve_id(\"CVE-2021-3561\");\n script_xref(name:\"ALAS\", value:\"2021-1682\");\n\n script_name(english:\"Amazon Linux 2 : transfig (ALAS-2021-1682)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of transfig installed on the remote host is prior to 3.2.8a-2. It is, therefore, affected by a vulnerability\nas referenced in the ALAS2-2021-1682 advisory.\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2021-1682.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update transfig' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:transfig-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'transfig-3.2.8a-2.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-3.2.8a-2.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-3.2.8a-2.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-debuginfo-3.2.8a-2.amzn2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-debuginfo-3.2.8a-2.amzn2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-debuginfo-3.2.8a-2.amzn2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"transfig / transfig-debuginfo\");\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T03:34:03", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1318-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-09-29T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1318-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-09-29T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:transfig", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-1318.NASL", "href": "https://www.tenable.com/plugins/nessus/153782", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1318-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153782);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/29\");\n\n script_cve_id(\n \"CVE-2019-14275\",\n \"CVE-2019-19555\",\n \"CVE-2019-19746\",\n \"CVE-2019-19797\",\n \"CVE-2021-3561\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1318-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1318-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect\n sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because\n of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1161698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186329\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4HYGTSDI2IQ34SYGQZGBYMH3NPMCAL2X/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?587207fc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected transfig package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'transfig-3.2.8a-bp153.3.3.2', 'cpu':'aarch64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-3.2.8a-bp153.3.3.2', 'cpu':'i586', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'transfig-3.2.8a-bp153.3.3.2', 'cpu':'s390x', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T05:21:44", "description": "The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2454-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-07-23T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2021:2454-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-08-09T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:transfig", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2021-2454-1.NASL", "href": "https://www.tenable.com/plugins/nessus/152022", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:2454-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152022);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/09\");\n\n script_cve_id(\n \"CVE-2019-14275\",\n \"CVE-2019-19555\",\n \"CVE-2019-19746\",\n \"CVE-2019-19797\",\n \"CVE-2021-3561\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:2454-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2021:2454-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2021:2454-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect\n sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because\n of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1161698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186329\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-July/009201.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9dd79152\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected transfig package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP2/3\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'transfig-3.2.8a-4.12.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'transfig-3.2.8a-4.12.2', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.2'},\n {'reference':'transfig-3.2.8a-4.12.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'},\n {'reference':'transfig-3.2.8a-4.12.2', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-we-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T05:19:52", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1143-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-08-11T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1143-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-08-11T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:transfig", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/152472", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:1143-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152472);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/11\");\n\n script_cve_id(\n \"CVE-2019-14275\",\n \"CVE-2019-19555\",\n \"CVE-2019-19746\",\n \"CVE-2019-19797\",\n \"CVE-2021-3561\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1143-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:1143-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect\n sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because\n of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1161698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186329\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LKD7IBCZKGMDHLZ7H4T5P7WTXHNFSOB6/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5ffff1ea\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected transfig package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/08/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.2', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'transfig-3.2.8a-lp152.6.6.2', 'cpu':'x86_64', 'release':'SUSE15.2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T05:20:46", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2454-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-07-23T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : transfig (openSUSE-SU-2021:2454-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-07-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:transfig", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2021-2454.NASL", "href": "https://www.tenable.com/plugins/nessus/152011", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2021:2454-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(152011);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/07/23\");\n\n script_cve_id(\n \"CVE-2019-14275\",\n \"CVE-2019-19555\",\n \"CVE-2019-19746\",\n \"CVE-2019-19797\",\n \"CVE-2021-3561\"\n );\n\n script_name(english:\"openSUSE 15 Security Update : transfig (openSUSE-SU-2021:2454-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2021:2454-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect\n sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because\n of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1161698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186329\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RK4BRVCUPZKN5VS2JGWBPYITONWJCIZJ/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?30d9d3a0\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected transfig package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/07/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nos_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\npkgs = [\n {'reference':'transfig-3.2.8a-4.12.2', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T03:33:58", "description": "The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3124-1 advisory.\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.\n (CVE-2020-21680)\n\n - A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21681)\n\n - A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21682)\n\n - A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.\n (CVE-2020-21683)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-09-17T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : transfig (SUSE-SU-2021:3124-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2020-21680", "CVE-2020-21681", "CVE-2020-21682", "CVE-2020-21683", "CVE-2021-3561"], "modified": "2021-09-17T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:transfig", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2021-3124-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153462", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:3124-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153462);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/17\");\n\n script_cve_id(\n \"CVE-2019-19555\",\n \"CVE-2019-19746\",\n \"CVE-2019-19797\",\n \"CVE-2020-21680\",\n \"CVE-2020-21681\",\n \"CVE-2020-21682\",\n \"CVE-2020-21683\",\n \"CVE-2021-3561\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:3124-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : transfig (SUSE-SU-2021:3124-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:3124-1 advisory.\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect\n sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because\n of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows\n attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.\n (CVE-2020-21680)\n\n - A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause\n a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21681)\n\n - A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause\n a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21682)\n\n - A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b\n allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.\n (CVE-2020-21683)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1136882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1161698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189346\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-September/009457.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?550791ab\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected transfig package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2/3/4/5\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.3'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.4'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-12.5'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.2'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.3'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.4'},\n {'reference':'transfig-3.2.8a-2.17.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-12.5'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T05:25:01", "description": "The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14823-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.\n (CVE-2020-21680)\n\n - A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21681)\n\n - A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21682)\n\n - A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.\n (CVE-2020-21683)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-10-07T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : transfig (SUSE-SU-2021:14823-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2020-21680", "CVE-2020-21681", "CVE-2020-21682", "CVE-2020-21683", "CVE-2021-3561"], "modified": "2021-10-07T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:transfig", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2021-14823-1.NASL", "href": "https://www.tenable.com/plugins/nessus/153915", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2021:14823-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153915);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/07\");\n\n script_cve_id(\n \"CVE-2019-14275\",\n \"CVE-2019-19555\",\n \"CVE-2019-19746\",\n \"CVE-2019-19797\",\n \"CVE-2020-21680\",\n \"CVE-2020-21681\",\n \"CVE-2020-21682\",\n \"CVE-2020-21683\",\n \"CVE-2021-3561\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2021:14823-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : transfig (SUSE-SU-2021:14823-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2021:14823-1 advisory.\n\n - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.\n (CVE-2019-14275)\n\n - read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect\n sscanf. (CVE-2019-19555)\n\n - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because\n of an integer overflow via a large arrow type. (CVE-2019-19746)\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows\n attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.\n (CVE-2020-21680)\n\n - A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause\n a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21681)\n\n - A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause\n a denial of service (DOS) via converting a xfig file into ge format. (CVE-2020-21682)\n\n - A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b\n allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.\n (CVE-2020-21683)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1136882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1143650\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159130\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1159293\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1161698\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1186329\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189325\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189343\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189345\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1189346\");\n # https://lists.suse.com/pipermail/sle-security-updates/2021-October/009541.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?63df51a4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-14275\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19555\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19746\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21680\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21681\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21682\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-21683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-3561\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected transfig package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'transfig-3.2.8a-1.160.13.1', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-11T03:30:37", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2778 advisory.\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.\n (CVE-2020-21529)\n\n - fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. (CVE-2020-21530)\n\n - fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.\n (CVE-2020-21531)\n\n - fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. (CVE-2020-21532)\n\n - fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.\n (CVE-2020-21533)\n\n - fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. (CVE-2020-21534)\n\n - fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. (CVE-2020-21535)\n\n - A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format. (CVE-2020-21675)\n\n - A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.\n (CVE-2020-21676)\n\n - An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8. (CVE-2021-32280)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.1, "vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}, "published": "2021-10-10T00:00:00", "type": "nessus", "title": "Debian DLA-2778-1 : fig2dev - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19797", "CVE-2020-21529", "CVE-2020-21530", "CVE-2020-21531", "CVE-2020-21532", "CVE-2020-21533", "CVE-2020-21534", "CVE-2020-21535", "CVE-2020-21675", "CVE-2020-21676", "CVE-2021-32280", "CVE-2021-3561"], "modified": "2022-01-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:fig2dev", "p-cpe:/a:debian:debian_linux:transfig", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2778.NASL", "href": "https://www.tenable.com/plugins/nessus/153965", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2778. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(153965);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/20\");\n\n script_cve_id(\n \"CVE-2019-19797\",\n \"CVE-2020-21529\",\n \"CVE-2020-21530\",\n \"CVE-2020-21531\",\n \"CVE-2020-21532\",\n \"CVE-2020-21533\",\n \"CVE-2020-21534\",\n \"CVE-2020-21535\",\n \"CVE-2020-21675\",\n \"CVE-2020-21676\",\n \"CVE-2021-3561\",\n \"CVE-2021-32280\"\n );\n\n script_name(english:\"Debian DLA-2778-1 : fig2dev - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2778 advisory.\n\n - read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. (CVE-2019-19797)\n\n - fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.\n (CVE-2020-21529)\n\n - fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c. (CVE-2020-21530)\n\n - fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.\n (CVE-2020-21531)\n\n - fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. (CVE-2020-21532)\n\n - fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.\n (CVE-2020-21533)\n\n - fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. (CVE-2020-21534)\n\n - fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. (CVE-2020-21535)\n\n - A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers\n to cause a denial of service (DOS) via converting a xfig file into ptk format. (CVE-2020-21675)\n\n - A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows\n attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.\n (CVE-2020-21676)\n\n - An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function\n compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The\n fixed version of fig2dev is 3.2.8. (CVE-2021-32280)\n\n - An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could\n allow an attacker to provide a crafted malicious input causing the application to either crash or in some\n cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as\n system availability. (CVE-2021-3561)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/fig2dev\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2021/dla-2778\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2019-19797\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21529\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21530\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21531\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21532\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21533\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21534\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21535\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21675\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-21676\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-32280\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2021-3561\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/fig2dev\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the fig2dev packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3561\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/12/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/10/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:fig2dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:transfig\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'fig2dev', 'reference': '1:3.2.6a-2+deb9u4'},\n {'release': '9.0', 'prefix': 'transfig', 'reference': '1:3.2.6a-2+deb9u4'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'fig2dev / transfig');\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "cve": [{"lastseen": "2022-04-01T21:36:24", "description": "An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-05-26T22:15:00", "type": "cve", "title": "CVE-2021-3561", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2022-04-01T19:25:00", "cpe": ["cpe:/a:fig2dev_project:fig2dev:3.2.8", "cpe:/o:fedoraproject:fedora:33", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:34"], "id": "CVE-2021-3561", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3561", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cpe23": ["cpe:2.3:a:fig2dev_project:fig2dev:3.2.8:a:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2022-04-14T23:34:36", "description": "An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-05-26T22:15:00", "type": "debiancve", "title": "CVE-2021-3561", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2021-05-26T22:15:00", "id": "DEBIANCVE:CVE-2021-3561", "href": "https://security-tracker.debian.org/tracker/CVE-2021-3561", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:52", "description": "The transfig utility creates a makefile which translates FIG (created by xfig) or PIC figures into a specified LaTeX graphics language (for example, PostScript(TM)). Transfig is used to create TeX documents which are portable (i.e., they can be printed in a wide variety of environments). Install transfig if you need a utility for translating FIG or PIC figures into certain graphics languages. ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-06-07T01:16:34", "type": "fedora", "title": "[SECURITY] Fedora 34 Update: transfig-3.2.8a-2.fc34", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2021-06-07T01:16:34", "id": "FEDORA:20E71304CBA3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/C44WSY5KAQXC3Y2NMSVXXZS3M5U5U2E6/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "amazon": [{"lastseen": "2021-07-25T19:34:52", "description": "**Issue Overview:**\n\nAn Out of Bounds flaw was found in fig2dev utility within transfig. An attacker could use this flaw and provide a crafted input to read_objects() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. (CVE-2021-3561)\n\n \n**Affected Packages:** \n\n\ntransfig\n\n \n**Issue Correction:** \nRun _yum update transfig_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 transfig-3.2.8a-2.amzn2.aarch64 \n \u00a0\u00a0\u00a0 transfig-debuginfo-3.2.8a-2.amzn2.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 transfig-3.2.8a-2.amzn2.i686 \n \u00a0\u00a0\u00a0 transfig-debuginfo-3.2.8a-2.amzn2.i686 \n \n src: \n \u00a0\u00a0\u00a0 transfig-3.2.8a-2.amzn2.src \n \n x86_64: \n \u00a0\u00a0\u00a0 transfig-3.2.8a-2.amzn2.x86_64 \n \u00a0\u00a0\u00a0 transfig-debuginfo-3.2.8a-2.amzn2.x86_64 \n \n \n", "edition": 2, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-07-01T01:08:00", "type": "amazon", "title": "Medium: transfig", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-3561"], "modified": "2021-07-01T20:25:00", "id": "ALAS2-2021-1682", "href": "https://alas.aws.amazon.com/AL2/ALAS-2021-1682.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:40:19", "description": "An update that fixes 5 vulnerabilities is now available.\n\nDescription:\n\n This update for transfig fixes the following issues:\n\n Update to version 3.2.8, including fixes for\n\n - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef()\n (bsc#1186329).\n - CVE-2019-19797: out-of-bounds write in read_colordef in read.c\n (bsc#1159293).\n - CVE-2019-19555: stack-based buffer overflow because of an incorrect\n sscanf (bsc#1161698).\n - CVE-2019-19746: segmentation fault and out-of-bounds write because of an\n integer overflow via a large arrow type (bsc#1159130).\n - CVE-2019-14275: stack-based buffer overflow in the calc_arrow function\n in bound.c (bsc#1143650).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2021-2454=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-07-22T00:00:00", "type": "suse", "title": "Security update for transfig (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-07-22T00:00:00", "id": "OPENSUSE-SU-2021:2454-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/RK4BRVCUPZKN5VS2JGWBPYITONWJCIZJ/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-18T12:40:04", "description": "An update that fixes 5 vulnerabilities is now available.\n\nDescription:\n\n This update for transfig fixes the following issues:\n\n Update to version 3.2.8, including fixes for\n\n - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef()\n (bsc#1186329).\n - CVE-2019-19797: out-of-bounds write in read_colordef in read.c\n (bsc#1159293).\n - CVE-2019-19555: stack-based buffer overflow because of an incorrect\n sscanf (bsc#1161698).\n - CVE-2019-19746: segmentation fault and out-of-bounds write because of an\n integer overflow via a large arrow type (bsc#1159130).\n - CVE-2019-14275: stack-based buffer overflow in the calc_arrow function\n in bound.c (bsc#1143650).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP3:\n\n zypper in -t patch openSUSE-2021-1318=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-09-28T00:00:00", "type": "suse", "title": "Security update for transfig (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-09-28T00:00:00", "id": "OPENSUSE-SU-2021:1318-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4HYGTSDI2IQ34SYGQZGBYMH3NPMCAL2X/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-06-14T11:59:36", "description": "An update that fixes 5 vulnerabilities is now available.\n\nDescription:\n\n This update for transfig fixes the following issues:\n\n Update to version 3.2.8, including fixes for\n\n - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef()\n (bsc#1186329).\n - CVE-2019-19797: out-of-bounds write in read_colordef in read.c\n (bsc#1159293).\n - CVE-2019-19555: stack-based buffer overflow because of an incorrect\n sscanf (bsc#1161698).\n - CVE-2019-19746: segmentation fault and out-of-bounds write because of an\n integer overflow via a large arrow type (bsc#1159130).\n - CVE-2019-14275: stack-based buffer overflow in the calc_arrow function\n in bound.c (bsc#1143650).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.2:\n\n zypper in -t patch openSUSE-2021-1143=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-08-10T00:00:00", "type": "suse", "title": "Security update for transfig (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-08-10T00:00:00", "id": "OPENSUSE-SU-2021:1143-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LKD7IBCZKGMDHLZ7H4T5P7WTXHNFSOB6/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2022-04-21T22:47:09", "description": "An update that fixes 5 vulnerabilities is now available.\n\nDescription:\n\n This update for transfig fixes the following issues:\n\n Update to version 3.2.8, including fixes for\n\n - CVE-2021-3561: overflow in fig2dev/read.c in function read_colordef()\n (bsc#1186329).\n - CVE-2019-19797: out-of-bounds write in read_colordef in read.c\n (bsc#1159293).\n - CVE-2019-19555: stack-based buffer overflow because of an incorrect\n sscanf (bsc#1161698).\n - CVE-2019-19746: segmentation fault and out-of-bounds write because of an\n integer overflow via a large arrow type (bsc#1159130).\n - CVE-2019-14275: stack-based buffer overflow in the calc_arrow function\n in bound.c (bsc#1143650).\n\n This update was imported from the SUSE:SLE-15:Update update project. This\n update was imported from the openSUSE:Leap:15.2:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP2:\n\n zypper in -t patch openSUSE-2021-1311=1", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.2}, "published": "2021-09-27T00:00:00", "type": "suse", "title": "Security update for transfig (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14275", "CVE-2019-19555", "CVE-2019-19746", "CVE-2019-19797", "CVE-2021-3561"], "modified": "2021-09-27T00:00:00", "id": "OPENSUSE-SU-2021:1311-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PQ34JCCBYY5MVDLL7VGCWBOZKOQ5EXTK/", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "debian": [{"lastseen": "2022-02-01T00:00:00", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-2778-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Markus Koschany\nOctober 04, 2021 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : fig2dev\nVersion : 1:3.2.6a-2+deb9u4\nCVE ID : CVE-2019-19797 CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 \n CVE-2020-21532 CVE-2020-21533 CVE-2020-21534 CVE-2020-21535 \n CVE-2020-21675 CVE-2020-21676 CVE-2021-3561 CVE-2021-32280\n\nMultiple security vulnerabilities have been discovered in fig2dev, utilities\nfor converting XFig figure files. Buffer overflows, out-of-bounds reads and\nNULL pointer dereferences could lead to a denial-of-service or other\nunspecified impact. \n\nFor Debian 9 stretch, these problems have been fixed in version\n1:3.2.6a-2+deb9u4.\n\nWe recommend that you upgrade your fig2dev packages.\n\nFor the detailed security status of fig2dev please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/fig2dev\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: This is a digitally signed message part\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.2}, "published": "2021-10-04T09:00:15", "type": "debian", "title": "[SECURITY] [DLA 2778-1] fig2dev security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19797", "CVE-2020-21529", "CVE-2020-21530", "CVE-2020-21531", "CVE-2020-21532", "CVE-2020-21533", "CVE-2020-21534", "CVE-2020-21535", "CVE-2020-21675", "CVE-2020-21676", "CVE-2021-32280", "CVE-2021-3561"], "modified": "2021-10-04T09:00:15", "id": "DEBIAN:DLA-2778-1:13AF6", "href": "https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}]}
[SECURITY] Fedora 33 Update: transfig-3.2.8a-2.fc33
