7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.001 Low
EPSS
Percentile
41.3%
An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds
check in read_objects() could allow an attacker to provide a crafted
malicious input causing the application to either crash or in some cases
cause memory corruption. The highest threat from this vulnerability is to
integrity as well as system availability.
Author | Note |
---|---|
leosilva | shipped fig2dev into transfig for xenial and trusty has not the code affected |
bugzilla.redhat.com/show_bug.cgi?id=1955675
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3561
launchpad.net/bugs/cve/CVE-2021-3561
nvd.nist.gov/vuln/detail/CVE-2021-3561
security-tracker.debian.org/tracker/CVE-2021-3561
sourceforge.net/p/mcj/fig2dev/ci/6827c09d2d6491cb2ae3ac7196439ff3aa791fd9/
sourceforge.net/p/mcj/tickets/116/
ubuntu.com/security/notices/USN-5864-1
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
5.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:P/A:P
0.001 Low
EPSS
Percentile
41.3%