Published: 20/11/2017 Updated: 11/12/2017

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

An array index error in the fig2dev program in Xfig 3.2.6a allows remote malicious users to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xfig project xfig 3.2.6a
debian debian linux 8.0
debian debian linux 9.0

Debian Bug report logs - #881143 fig2dev: CVE-2017-16899: out of bound read while running fig2dev with -L tikz Package: fig2dev; Maintainer for fig2dev is Roland Rosenfeld <roland@debianorg>; Source for fig2dev is src:fig2dev (PTS, buildd, popcon) Reported by: Joonun Jang <joonunjang@gmailcom> Date: Wed, 8 Nov 20 ...

An out-of-bounds read flaw was found in the way fig2dev program in Xfig handled the processing of Fig format files This flaw could potentially be used to crash the fig2dev program by tricking it into processing specially crafted Fig format files ...

An array index error in the fig2dev program in Xfig 326a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikzc, and the read_textobject functions in readc and read1_3c ...

CWE-129 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881143 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881143 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-16899

CVE-2017-16899

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect