4 matches found
CVE-2009-1962
CVE-2009-1962 affects Xfig (likely 3.2.5) and allows local users to read/write arbitrary files via a symlink attack on temporary files named like xfig-eps[PID], xfig-pic[PID].pix/.err, xfig-pcx[PID].pix, xfig-xfigrc[PID], xfig[PID], xfig-print[PID], xfig-export[PID].err, xfig-batch[PID], xfig-exp...
CVE-2009-4227
CVE-2009-4227 describes a stack-based buffer overflow in Xfig/Transfig components when processing malformed 1.3 FIG files (read_1_3_textobject in f_readold.c for Xfig 3.2.5b and earlier; read_textobject in read1_3.c for Transfig 3.2.5a and earlier). The overflow is triggered by a long string in t...
CVE-2009-4228
Summary of CVE-2009-4228 (Xfig) A stack consumption/stack-based vulnerability in Xfig up to version 3.2.5b (and earlier) allows a remote attacker to cause a denial of service (application crash) by supplying a long string in a malformed .fig file using the 1.3 file format. The issue is linked to ...
CVE-2010-4262
CVE-2010-4262 describes a stack-based buffer overflow in Xfig 3.2.4/3.2.5 triggered by a crafted FIG image color definition, leading to remote denial of service and potential arbitrary code execution. Several open advisories reference this vulnerability along with CVEs-2009-4227/-4228, indicating...