CVE-2009-4228

Опубликовано: 03 дек. 2009

Источник: redhat

CVSS2: 4.3

Описание

Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.

Отчет

Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-4228 The Red Hat Product Security has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: https://access.redhat.com/security/updates/classification/

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 4	transfig	Will not fix
Red Hat Enterprise Linux 4	xfig	Will not fix
Red Hat Enterprise Linux 5	transfig	Will not fix
Red Hat Enterprise Linux 5	xfig	Will not fix
Red Hat Enterprise Linux 6	transfig	Will not fix
Red Hat Enterprise Linux 6	xfig	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=543905Transfig: Stack-based buffer overflow by loading malformed .FIG files

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2009-4228

ubuntu

около 16 лет назад

CVE-2009-4228

nvd

около 16 лет назад

CVE-2009-4228

debian

около 16 лет назад

Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlie ...

GHSA-gvr2-hrmm-6ff5

github

больше 3 лет назад

4.3 Medium

CVSS2