Lucene search

Xfig Security Vulnerabilities

cve

CVE-2019-19797

read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds...

5.5CVSS

5.8AI Score

0.001EPSS

2019-12-15 08:15 PM

174

cve

CVE-2021-40241

xfig 3.2.7 is vulnerable to Buffer...

9.8CVSS

9.2AI Score

0.002EPSS

2022-10-31 04:15 PM

cve

CVE-2019-14275

Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in...

5.5CVSS

6.1AI Score

0.001EPSS

2019-07-26 04:15 AM

388

cve

CVE-2021-32280

An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is...

5.5CVSS

5.3AI Score

0.001EPSS

2021-09-20 04:15 PM

cve

CVE-2020-21531

fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in...

5.5CVSS

5.7AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2020-21532

fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in...

5.5CVSS

5.7AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2020-21529

fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in...

5.5CVSS

5.7AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2020-21535

fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in...

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2017-16899

An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and...

7.1CVSS

6.5AI Score

0.001EPSS

2022-10-03 04:23 PM

cve

CVE-2020-21533

fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in...

5.5CVSS

5.7AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2020-21534

fig2dev 3.2.7b contains a global buffer overflow in the get_line function in...

5.5CVSS

5.7AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2020-21530

fig2dev 3.2.7b contains a segmentation fault in the read_objects function in...

5.5CVSS

5.4AI Score

0.001EPSS

2021-09-16 09:15 PM

cve

CVE-2019-19555

read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buffer overflow because of an incorrect...

5.5CVSS

6.1AI Score

0.001EPSS

2019-12-04 05:16 PM

125

cve

CVE-2010-4262

Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color...

7.9AI Score

0.039EPSS

2010-12-17 07:00 PM

cve

CVE-2009-4227

Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that...

7.7AI Score

0.171EPSS

2009-12-08 06:30 PM

cve

CVE-2009-4228

Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in...

6.3AI Score

0.005EPSS

2009-12-08 06:30 PM

cve

CVE-2009-1962

Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID], (7) xfig-print[PID], (8) xfig-export[PID].err, (9) xfig-batch[PID],...

6.3AI Score

0.0004EPSS

2009-06-08 01:00 AM