CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the readtextobject functions in read.c and read13.c...

CVE-2009-4227

CVE-2009-4227 describes a stack-based buffer overflow in Xfig/Transfig components when processing malformed 1.3 FIG files (read_1_3_textobject in f_readold.c for Xfig 3.2.5b and earlier; read_textobject in read1_3.c for Transfig 3.2.5a and earlier). The overflow is triggered by a long string in t...