Описание
In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | transfig | Fix deferred | ||
| Red Hat Enterprise Linux 7 | transfig | Fix deferred | ||
| Red Hat Enterprise Linux 8 | transfig | Fix deferred | ||
| Red Hat Enterprise Linux 9 | transfig | Fix deferred |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-121
https://bugzilla.redhat.com/show_bug.cgi?id=2362058xfig: fig2dev stack-overflow
4.7 Medium
CVSS3
Связанные уязвимости
CVSS3: 7.8
ubuntu
10 месяцев назад
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVSS3: 7.8
nvd
10 месяцев назад
A flaw was found in xfig. This vulnerability allows possible code execution via local input manipulation via bezier_spline function.
CVSS3: 7.8
debian
10 месяцев назад
A flaw was found in xfig. This vulnerability allows possible code exec ...
CVSS3: 7.1
github
10 месяцев назад
Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function.
4.7 Medium
CVSS3