CVE-2020-21531

CVE-2020-21531 affects fig2dev, specifically a global buffer overflow in conv_pattern_index() of gencgm.c in version 3.2.7b. Connected advisories confirm multiple OS vendors (Debian, Ubuntu, openSUSE/SUSE, Red Hat via Nessus notes) referencing fig2dev vulnerabilities and provide fixes in newer re...

CVE-2020-21532

fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c...

Denial Of Service (DoS)

fig2dev is vulnerable to denial of service. The vulnerability exists due to a global buffer overflow in the shadeortintnameafterdeclarecolor in genpstricks.c which allows attackers to cause an application crash via converting a xfig file into pstricks format...

CVE-2020-21678

A global buffer overflow in the genmpwritefontmacrolatex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into mp format...

CVE-2020-21675

A stack-based buffer overflow in the genptktext component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ptk format...

CVE-2020-21676

A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pstricks format...

CVE-2020-21684

A global buffer overflow in the putfont in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pict2e format...

CVE-2020-21680

A stack-based buffer overflow in the putarrow component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pict2e format...

CVE-2020-21681

A global buffer overflow in the setcolor component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into ge format...

CVE-2020-21683

A global buffer overflow in the shadeortintnameafterdeclarecolor in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pstricks format...

fig2dev stack buffer overflow vulnerability (CNVD-2021-68461)

fig2dev is used to convert .fig files to various graphics languages and formats. A stack buffer overflow vulnerability exists in the genpstrxtext component of genpstricks.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig file...

fig2dev buffer overflow vulnerability (CNVD-2021-79765)

fig2dev is used to convert .fig files to various graphics languages and formats. A global buffer overflow vulnerability exists in the setfill component of genge.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to ge...

openSUSE 15 Security Update : transfig (openSUSE-SU-2021:1143-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1143-1 advisory. - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calcarrow function in bound.c. CVE-2019-14275 - readtextobject in read.c in...

fig2dev buffer overflow vulnerability (CNVD-2021-72112)

fig2dev is used to convert .fig files to various graphics languages and formats. A global buffer overflow vulnerability exists in the genmpwritefontmacrolatex component of genmp.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xf...

fig2dev stack buffer overflow vulnerability

fig2dev is used to convert .fig files to various graphics languages and formats. A stack buffer overflow vulnerability exists in the putarrow component of genpict2e.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to...

fig2dev buffer overflow vulnerability (CNVD-2021-79766)

fig2dev is used to convert .fig files to various graphics languages and formats. A global buffer overflow vulnerability exists in putfont in genpict2e.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to pict2e format...

fig2dev buffer overflow vulnerability (CNVD-2021-72114)

fig2dev is used to convert .fig files to various graphics languages and formats. A buffer overflow vulnerability exists in the setcolor component of genge.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to ge format...

fig2dev buffer overflow vulnerability (CNVD-2021-79767)

fig2dev is used to convert .fig files to various graphics languages and formats. A global buffer overflow vulnerability exists in shadeortintnameafterdeclarecolor in genpstricks.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting th...

fig2dev stack buffer overflow vulnerability (CNVD-2021-68460)

fig2dev is used to convert .fig files to various graphics languages and formats. A stack buffer overflow vulnerability exists in the genptktext component of genptk.c in fig2dev version 3.2.7b. An attacker could exploit this vulnerability to cause a denial of service by converting xfig files to pt...

DEBIAN-CVE-2020-21676

A stack-based buffer overflow in the genpstrxtext component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service DOS via converting a xfig file into pstricks format...