Описание
Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function.
Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2025-46397
- https://access.redhat.com/errata/RHSA-2026:0700
- https://access.redhat.com/errata/RHSA-2026:0704
- https://access.redhat.com/errata/RHSA-2026:0705
- https://access.redhat.com/errata/RHSA-2026:0756
- https://access.redhat.com/security/cve/CVE-2025-46397
- https://bugzilla.redhat.com/show_bug.cgi?id=2362058
- https://lists.debian.org/debian-lts-announce/2025/04/msg00043.html
- https://sourceforge.net/p/mcj/tickets/192
Связанные уязвимости
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
A flaw was found in xfig. This vulnerability allows possible code exec ...
