Описание
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| fig2dev | fixed | 1:3.2.7b-2 | package | |
| fig2dev | fixed | 1:3.2.7a-5+deb10u2 | buster | package |
| fig2dev | fixed | 1:3.2.6a-2+deb9u3 | stretch | package |
| transfig | removed | package |
Примечания
https://sourceforge.net/p/mcj/tickets/55/
https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/
Crash in CLI tool, negligible security impact
Связанные уязвимости
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect sscanf.
Уязвимость функции read_textobject из read.c утилиты для преобразования файлов с расширением .fig fig2dev, позволяющая нарушителю вызвать отказ в обслуживании