RHEL 4 : xfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Xfig, Transfig: Stack-based buffer overflow by loading malformed .FIG files CVE-2009-4228 - Xfig:...

RHEL 5 : xfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - Xfig, Transfig: Stack-based buffer overflow by loading malformed .FIG files CVE-2009-4228 - Xfig:...

The vulnerability of the free_stream utility for converting files with the .fig and .fig2dev extensions involves a memory reclamation error, which allows an attacker to cause a service failure.

The vulnerability of the freestream function in the file conversion utility for files with the .fig and .fig2dev extensions is related to a memory reclamation error. Exploiting this vulnerability could allow an attacker to cause a service failure...

Updated transfig packages fix security vulnerability

It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code CVE-2018-16140...

Ubuntu 14.04 LTS / 16.04 LTS : transfig vulnerability (USN-3760-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3760-1 advisory. It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code. Tenable has...

USN-3760-1: transfig vulnerability

It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code...

openSUSE Security Update : transfig (openSUSE-2018-190)

This update for transfig fixes the following issues : - CVE-2017-16899: Do some input sanitizing when reading FIG files to avoid crashes boo1069257 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

Fedora 21 : xen-4.4.1-16.fc21 (2015-3944)

Additional patch for XSA-98 on arm64 HVM qemu unexpectedly enabling emulated VGA graphics backends XSA-119, CVE-2015-2152 Hypervisor memory corruption due to x86 emulator flaw XSA-123, CVE-2015-2151 enable building pngs from fig files which is working again, fix oxenstored.service preset...

Xfig multiple security vulnerabilities

Multiple vulnerabilities on .fig files processing...

Fedora 14 : xfig-3.2.5-25.b.fc14 (2010-18589)

Mon Dec 6 2010 Stanislav Ochotnicky - 3.2.5-25.b - Fix buffer overflow when opening malicious fig files - Thu Nov 25 2010 Hans de Goede 3.2.5-24.b - Fix importing of eps files 657290 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

Xfig and Transfig 3.2.5 - .fig Remote Buffer Overflow

Xfig and Transfig 3.2.5 - .fig Remote Buffer Overflow source: https://www.securityfocus.com/bid/37193/info Xfig and Transfig are prone to a buffer-overflow vulnerability because they fail to perform adequate boundary checks on user-supplied input. Attackers may leverage this issue to execute...