5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
fig2dev:stretch is vulnerable to denial of service. The vulnerability exists because read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.
CPE | Name | Operator | Version |
---|---|---|---|
fig2dev:stretch | eq | 1:3.2.6a-2+deb9u3 | |
fig2dev:stretch | eq | 1:3.2.6a-2+deb9u3 |
lists.debian.org/debian-lts-announce/2021/10/msg00002.html
lists.fedoraproject.org/archives/list/[email protected]/message/7XOY5NXUZ6JRBBPYA3CXWGRGQTSDVVG2/
lists.fedoraproject.org/archives/list/[email protected]/message/ILJM2G6NM5MMBKTT5CH23TAI6DJGNW36/
security-tracker.debian.org/tracker/CVE-2019-19797
sourceforge.net/p/mcj/tickets/67/
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P