Lucene search
Gentoo FoundationGLSA-201312-16HistoryDec 27, 2013 - 12:00 a.m.
Xfig: Arbitrary code execution
2013-12-2700:00:00
Gentoo Foundation
security.gentoo.org
8
0.039 Low
EPSS
Percentile
92.0%
Background
Xfig is an interactive drawing tool.
Description
Xfig contains a buffer overflow vulnerability in processing certain FIG images.
Impact
A remote attacker could entice a user to open a specially-crafted file, potentially resulting in arbitrary code execution or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Xfig users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/xfig-3.2.5b-r1"
NOTE: This is a legacy GLSA. Updates for all affected architectures are available since January 09, 2011. It is likely that your system is already no longer affected by this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | media-gfx/xfig | < 3.2.5b-r1 | UNKNOWN |
Related
openvas
openvas
Fedora Update for xfig FEDORA-2010-18589
2010-12-28 00:00:00
Fedora Update for xfig FEDORA-2010-18589
2010-12-28 00:00:00
Gentoo Security Advisory GLSA 201312-16
2015-09-29 00:00:00
ubuntucve
ubuntucve
CVE-2010-4262
2010-12-17 00:00:00
cvelist
cvelist
CVE-2010-4262
2010-12-17 18:00:00
debiancve
debiancve
CVE-2010-4262
2010-12-17 19:00:00
cve
cve
CVE-2010-4262
2010-12-17 19:00:00
prion
prion
Stack overflow
2010-12-17 19:00:00
nessus
nessus
GLSA-201312-16 : Xfig: Arbitrary code execution
2013-12-28 00:00:00
Fedora 14 : xfig-3.2.5-25.b.fc14 (2010-18589)
2010-12-16 00:00:00
Mandriva Linux Security Advisory : xfig (MDVSA-2011:010)
2011-01-28 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: xfig-3.2.5-25.b.fc14
2010-12-15 09:02:41
securityvulns
securityvulns
[ MDVSA-2011:010 ] xfig
2011-01-19 00:00:00
Xfig multiple security vulnerabilities
2011-01-19 00:00:00