20 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-19797
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - readcolordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. CVE-2019-19797 Note that Nessus relies on the presence of the package as reported by t...
RHEL 6 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
Ubuntu: Security Advisory (USN-5864-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5864-1: Fig2dev vulnerabilities
Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04...
SUSE: Security Advisory (SUSE-SU-2021:14823-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : transfig (SUSE-SU-2021:14823-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14823-1 advisory. - CVE-2021-3561: Fixed global buffer overflow in fig2dev/read.c in function readcolordef bsc1186329. - CVE-2019-19797: Fixed out-of-bounds wri...
[SECURITY] [DLA 2778-1] fig2dev security update
Debian LTS Advisory DLA-2778-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany October 04, 2021 https://wiki.debian.org/LTS Package : fig2dev Version : 1:3.2.6a-2+deb9u4 CVE ID : CVE-2019-19797 CVE-2020-21529 CVE-2020-21530 CVE-2020-21531 CVE-2020-21532...
OPENSUSE-SU-2021:1318-1 Security update for transfig
This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function readcolordef bsc1186329. - CVE-2019-19797: out-of-bounds write in readcolordef in read.c bsc1159293. - CVE-2019-19555: stack-based buffer...
OPENSUSE-SU-2021:1143-1 Security update for transfig
This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function readcolordef bsc1186329. - CVE-2019-19797: out-of-bounds write in readcolordef in read.c bsc1159293. - CVE-2019-19555: stack-based buffer...
openSUSE: Security Advisory for transfig (openSUSE-SU-2021:2454-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE 15 Security Update : transfig (openSUSE-SU-2021:2454-1)
The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2454-1 advisory. - Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calcarrow function in bound.c. CVE-2019-14275 - readtextobject in read.c in...
SUSE SLED15 / SLES15 Security Update : transfig (SUSE-SU-2021:2454-1)
The remote SUSE Linux SLED15 / SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2454-1 advisory. Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function readcolordef bsc1186329. -...
SUSE-SU-2021:2454-1 Security update for transfig
This update for transfig fixes the following issues: Update to version 3.2.8, including fixes for - CVE-2021-3561: overflow in fig2dev/read.c in function readcolordef bsc1186329. - CVE-2019-19797: out-of-bounds write in readcolordef in read.c bsc1159293. - CVE-2019-19555: stack-based buffer...
Medium: transfig
Issue Overview: readcolordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. CVE-2019-19797 makearrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. CVE-2019-19746 Affected Packages: transfi...
Fedora 30 : 1:transfig / xfig (2020-6a2824178e)
Security fix for CVE-2019-19746, CVE-2019-19797 - New upstream release 3.2.7b - Add patch fixing CVE-2019-19746 rhbz1787040 - Add patch fixing CVE-2019-19797 rhbz1786726 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...
Fedora 31 : 1:transfig / xfig (2020-5d0f0593ae)
Security fix for CVE-2019-19746, CVE-2019-19797 - New upstream release 3.2.7b - Add patch fixing CVE-2019-19746 rhbz1787040 - Add patch fixing CVE-2019-19797 rhbz1786726 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...
CVE-2019-19797
readcolordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write...
UBUNTU-CVE-2019-19797
readcolordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write...
CVE-2019-19797
CVE-2019-19797 is evidenced in connected records as an out-of-bounds write in read_colordef of Xfig fig2dev 3.2.7b. Multiple advisories (ALAS-2023-1807, SUSE SU-2021:14823-1, Ubuntu USN-5864-1, Debian DLA-2778) map this issue to transfig/fig2dev and cite additional related CVEs. The impact is des...
CVE-2019-19797
readcolordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write...