Lucene search
K

5 matches found

UbuntuCve
UbuntuCve
added 2010/12/17 7:0 p.m.19 views

CVE-2010-4262

Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a FIG image with a crafted color definition...

6.8CVSS6.3AI score0.0582EPSS
Exploits1References1
Prion
Prion
added 2010/12/17 7:0 p.m.45 views

Stack overflow

Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a FIG image with a crafted color definition...

6.8CVSS8.6AI score0.0582EPSS
Exploits1References10Affected Software1
CVE
CVE
added 2010/12/17 6:0 p.m.56 views

CVE-2010-4262

CVE-2010-4262 describes a stack-based buffer overflow in Xfig 3.2.4/3.2.5 triggered by a crafted FIG image color definition, leading to remote denial of service and potential arbitrary code execution. Several open advisories reference this vulnerability along with CVEs-2009-4227/-4228, indicating...

6.8CVSS7.9AI score0.0582EPSS
Exploits1References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/12/16 12:0 a.m.16 views

Fedora 14 : xfig-3.2.5-25.b.fc14 (2010-18589)

Mon Dec 6 2010 Stanislav Ochotnicky - 3.2.5-25.b - Fix buffer overflow when opening malicious fig files - Thu Nov 25 2010 Hans de Goede 3.2.5-24.b - Fix importing of eps files 657290 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

6.8CVSS5.7AI score0.0582EPSS
Exploits1References3
Prion
Prion
added 2009/06/08 1:0 a.m.14 views

Code injection

Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the 1 xfig-epsPID, 2 xfig-picPID.pix, 3 xfig-picPID.err, 4 xfig-pcxPID.pix, 5 xfig-xfigrcPID, 6 xfigPID, 7 xfig-printPID, 8 xfig-exportPID.err, 9 xfig-batchPID, 10 xfig-expPID, or 11 xfig-spell.PID...

4.4CVSS6.8AI score0.00332EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder