Описание
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
Ссылки
- Vendor Advisory
- Vendor Advisory
- ExploitIssue Tracking
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:fig2dev_project:fig2dev:3.2.9a:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00051
Низкий
7.8 High
CVSS3
Дефекты
CWE-120
Связанные уязвимости
CVSS3: 7.8
ubuntu
10 месяцев назад
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVSS3: 4.7
redhat
10 месяцев назад
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.
CVSS3: 7.8
debian
10 месяцев назад
A flaw was found in xfig. This vulnerability allows possible code exec ...
CVSS3: 7.1
github
10 месяцев назад
Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function.
EPSS
Процентиль: 16%
0.00051
Низкий
7.8 High
CVSS3
Дефекты
CWE-120