CVE-2025-46398 Xfig: fig2dev stack-overflow via read_objects

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via readobjects function...

CVE-2025-46398

CVE-2025-46398 affects fig2dev (part of xfig/Transfig). The vulnerability is a stack overflow in read_objects() that allows memory corruption via local input manipulation, exploitable by a locally authenticated user under conditions described in several advisories. Public disclosures in Debian LT...

CVE-2025-46397 Xfig: xfig: stack-overflow allows possible code execution via local input manipulation

A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezierspline function...