Back to search
CVE-2009-4227
Published: Dec 8, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
37577
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20091203 CVE Request -- xfig
mailing-list
x_refsource_MLIST
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559274
x_refsource_CONFIRM
37193
vdb-entry
x_refsource_BID
MDVSA-2011:010
vendor-advisory
x_refsource_MANDRIVA
xfig-read13textobject-bo(54525)
vdb-entry
x_refsource_XF
ADV-2011-0108
vdb-entry
x_refsource_VUPEN
https://bugzilla.redhat.com/show_bug.cgi?id=543905
x_refsource_CONFIRM
37571
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now