16 matches found
fig2dev 安全漏洞
fig2dev is a simple tool from the Xfig open source. It is used to translate fig code from a named fig file into a specified graphics language. A security vulnerability exists in fig2dev version 3.2.9a, which stems from a segmentation error in the putpatternarc function that could lead to a denial...
RHEL 8 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - Xfig fig2dev 3.2.7a h...
RHEL 7 : transfig (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...
SUSE CVE-2009-4227
Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses t...
SUSE CVE-2009-4228
Stack consumption vulnerability in ubound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service application crash via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfpfig function in fread.c...
SUSE CVE-2018-16140
A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...
CVE-2018-16140
The fig2dev utility, as shipped with the transfig package, is vulnerable to one-byte buffer underwrite in getline function when processing specially crafted FIG file, having only minimal security impact in most situations...
DEBIAN-CVE-2018-16140
A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...
fig2dev buffer overflow vulnerability
fig2dev is used to convert .fig files to various graphics languages and formats. A buffer underflow vulnerability exists in getline in read.c in fig2dev 3.2.7a. An attacker could exploit this vulnerability by writing before the buffer starts via a specially crafted .fig file...
UBUNTU-CVE-2018-16140
A buffer underwrite vulnerability in getline read.c in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file...
DEBIAN-CVE-2017-16899
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...
CVE-2009-4227
Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses t...
CVE-2009-4227
Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses t...
UBUNTU-CVE-2009-4227
Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses t...
CVE-2009-4228
Stack consumption vulnerability in ubound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service application crash via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfpfig function in fread.c...
CVE-2009-4227
Stack-based buffer overflow in the read13textobject function in freadold.c in Xfig 3.2.5b and earlier, and in the readtextobject function in read13.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses t...