Linux Distros Unpatched Vulnerability : CVE-2018-16140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...

RHEL 8 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - Xfig fig2dev 3.2.7a h...

RHEL 6 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

RHEL 7 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

RHEL 6 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

Mageia: Security Advisory (MGASA-2019-0064)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:1806-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : transfig (SUSE-SU-2020:1806-1)

This update for transfig fixes the following issues : Security issue fixed : CVE-2019-14275: Fixed stack-based buffer overflow in the calcarrow function bsc1143650. CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the...

SUSE-SU-2020:1806-1 Security update for transfig

This update for transfig fixes the following issues: Security issue fixed: - CVE-2019-14275: Fixed stack-based buffer overflow in the calcarrow function bsc1143650. - CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the...

Debian DLA-2073-1 : transfig security update

Several issues have been found in transfig, a XFig figure files converter. CVE-2018-16140 Buffer underwrite vulnerability in getline allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. CVE-2019-14275 Stack-based buffer overflow in the calcarrow function in...

[SECURITY] [DLA 2073-1] transfig security update

Package : transfig Version : 1:3.2.5.e-4+deb8u2 CVE ID : CVE-2018-16140 CVE-2019-14275 CVE-2019-19555 Several issues have been found in transfig, a XFig figure files converter. CVE-2018-16140 Buffer underwrite vulnerability in getline allows an attacker to write prior to the beginning of the buff...

openSUSE Security Update : transfig (openSUSE-2019-1455)

This update for transfig fixes the following issues : Security issue fixed : - CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the beginning of the buffer via specially crafted .fig file bsc1106531 This update was imported...

openSUSE: Security Advisory for transfig (openSUSE-SU-2019:1455-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2019:1455-1 Security update for transfig

This update for transfig fixes the following issues: Security issue fixed: - CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the beginning of the buffer via specially crafted .fig file bsc1106531 This update was imported fr...

Security update for transfig (low)

openSUSE Security Update: Security update for transfig Announcement ID: openSUSE-SU-2019:1455-1 Rating: low References: 1106531 Cross-References: CVE-2018-16140 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that fixes one vulnerability is now available. Description: This upda...

SUSE-SU-2019:1291-1 Security update for transfig

This update for transfig fixes the following issues: Security issue fixed: - CVE-2018-16140: Fixed a buffer underwrite vulnerability in getline in read.c, which allowed an attacker to write prior to the beginning of the buffer via specially crafted .fig file bsc1106531...

Updated transfig packages fix security vulnerability

It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code CVE-2018-16140...

CVE-2018-16140

The fig2dev utility, as shipped with the transfig package, is vulnerable to one-byte buffer underwrite in getline function when processing specially crafted FIG file, having only minimal security impact in most situations...

CVE-2018-16140

A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...