Shodan
Vulnerabilities
Vulnerable Software
Fig2dev Project:  >> Fig2dev  Security Vulnerabilities
CVE-2020-21676
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-08-10
CVE-2020-21678
A global buffer overflow in the genmp_writefontmacro_latex component in genmp.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-08-10
CVE-2020-21680
A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
CVSS Score
5.5
EPSS Score
0.002
Published
2021-08-10
CVE-2020-21681
A global buffer overflow in the set_color component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-08-10
CVE-2020-21682
A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-08-10
CVE-2020-21683
A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-08-10
CVE-2020-21684
A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
CVSS Score
5.5
EPSS Score
0.003
Published
2021-08-10
CVE-2021-3561
An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.
CVSS Score
7.1
EPSS Score
0.001
Published
2021-05-26
CVE-2019-19746
make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.
CVSS Score
5.5
EPSS Score
0.004
Published
2019-12-12
CVE-2018-16140
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
CVSS Score
7.8
EPSS Score
0.003
Published
2018-08-30


Products
Pricing
Contact Us

Shodan ® - All rights reserved