NotCVE - vendor:"Fig2dev Project" product:"Fig2dev" version:" <= 3.2.8a"

Page 3 of 23 results (0.005 seconds)

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1

CVE-2019-19746

https://notcve.org/view.php?id=CVE-2019-19746

12 Dec 2019 — make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type. La función make_arrow en el archivo arrow.c en Xfig fig2dev versión 3.2.7b, permite un fallo de segmentación y una escritura fuera de límites debido a un desbordamiento de enteros por medio de un tipo de flecha grande. • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7XOY5NXUZ6JRBBPYA3CXWGRGQTSDVVG2 • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2019-14275 – Ubuntu Security Notice USN-5864-1

https://notcve.org/view.php?id=CVE-2019-14275

26 Jul 2019 — Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c. Xfig fig2dev versión 3.2.7a presenta un Desbordamiento de Búfer en la Región Stack de la Memoria en la función calc_arrow function en archivo bound.c. Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue... • http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00043.html • CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

CVE-2018-16140 – Ubuntu Security Notice USN-3760-1

https://notcve.org/view.php?id=CVE-2018-16140

30 Aug 2018 — A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. Una vulnerabilidad de subescritura de búfer en get_line() (en read.c) en fig2dev 3.2.7a permite que un atacante escriba antes del comienzo del búfer mediante un archivo .fig manipulado. It was discovered that transfig incorrectly handled certain FIG files. An attacker could possibly use this to execute arbitrary code. • https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html • CWE-787: Out-of-bounds Write •

1 2 3