CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
96.1%
Stack-based buffer overflow in the read_1_3_textobject function in
f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function
in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote
attackers to execute arbitrary code via a long string in a malformed .fig
file that uses the 1.3 file format. NOTE: some of these details are
obtained from third party information.