fig2dev is vulnerable to denial of service. The vulnerability exists due to a global buffer overflow in the shade_or_tint_name_after_declare_color
in genpstricks.c
which allows attackers to cause an application crash via converting a xfig file into pstricks format.
CPE | Name | Operator | Version |
---|---|---|---|
fig2dev:sid | eq | 1:3.2.7b-5 | |
fig2dev:bullseye | eq | 1:3.2.7b-5 | |
fig2dev:sid | eq | 1:3.2.7b-5 | |
fig2dev:bullseye | eq | 1:3.2.7b-5 |