
CVE-2009-4227

Published: 03 Dec 2009
Source: redhat
CVSS2: 4.3
EPSS: Medium

Description

Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.

Report

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-4227 The Red Hat Product Security has rated this issue as having moderate security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/

Affected packages

| Platform | Package | State | Recommendation | Release |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | transfig | Will not fix | | |
| Red Hat Enterprise Linux 4 | xfig | Will not fix | | |
| Red Hat Enterprise Linux 5 | transfig | Will not fix | | |
| Red Hat Enterprise Linux 5 | xfig | Will not fix | | |
| Red Hat Enterprise Linux 6 | transfig | Will not fix | | |
| Red Hat Enterprise Linux 6 | xfig | Will not fix | | |


Additional information

Status: Moderate
Defect: CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=543905 (Transfig: Stack-based buffer overflow by loading malformed .FIG files)

EPSS: 0.17017 (Medium), percentile: 95%

CVSS2: 4.3 Medium

Related vulnerabilities

ubuntu
about 16 years ago

Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.

nvd
about 16 years ago

Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.

debian
about 16 years ago

Stack-based buffer overflow in the read_1_3_textobject function in f_r ...

github
more than 3 years ago

Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.
