Lucene search
+L

4 matches found

CVE
CVE
added 2009/06/06 6:0 p.m.79 views

CVE-2009-1962

CVE-2009-1962 affects Xfig (likely 3.2.5) and allows local users to read/write arbitrary files via a symlink attack on temporary files named like xfig-eps[PID], xfig-pic[PID].pix/.err, xfig-pcx[PID].pix, xfig-xfigrc[PID], xfig[PID], xfig-print[PID], xfig-export[PID].err, xfig-batch[PID], xfig-exp...

4.4CVSS6.3AI score0.00332EPSS
CVE
CVE
added 2009/12/08 6:0 p.m.62 views

CVE-2009-4227

CVE-2009-4227 describes a stack-based buffer overflow in Xfig/Transfig components when processing malformed 1.3 FIG files (read_1_3_textobject in f_readold.c for Xfig 3.2.5b and earlier; read_textobject in read1_3.c for Transfig 3.2.5a and earlier). The overflow is triggered by a long string in t...

6.8CVSS7.7AI score0.10603EPSS
CVE
CVE
added 2009/12/08 6:0 p.m.60 views

CVE-2009-4228

Summary of CVE-2009-4228 (Xfig) A stack consumption/stack-based vulnerability in Xfig up to version 3.2.5b (and earlier) allows a remote attacker to cause a denial of service (application crash) by supplying a long string in a malformed .fig file using the 1.3 file format. The issue is linked to ...

4.3CVSS6.3AI score0.01693EPSS
CVE
CVE
added 2010/12/17 6:0 p.m.57 views

CVE-2010-4262

CVE-2010-4262 describes a stack-based buffer overflow in Xfig 3.2.4/3.2.5 triggered by a crafted FIG image color definition, leading to remote denial of service and potential arbitrary code execution. Several open advisories reference this vulnerability along with CVEs-2009-4227/-4228, indicating...

6.8CVSS7.9AI score0.0582EPSS