Published: 15/12/2019 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xfig project fig2dev 3.2.7
fedoraproject fedora 30
fedoraproject fedora 31
debian debian linux 9.0

Debian Bug report logs - #946866 fig2dev: CVE-2019-19797 Package: src:fig2dev; Maintainer for src:fig2dev is Roland Rosenfeld <roland@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 16 Dec 2019 19:48:02 UTC Severity: important Tags: security, upstream Found in version fig2dev/1:327b-2 ...

read_colordef in readc in Xfig fig2dev 327b has an out-of-bounds write (CVE-2019-19797) make_arrow in arrowc in Xfig fig2dev 327b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type (CVE-2019-19746) ...

CWE-787 https://sourceforge.net/p/mcj/tickets/67/https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILJM2G6NM5MMBKTT5CH23TAI6DJGNW36/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7XOY5NXUZ6JRBBPYA3CXWGRGQTSDVVG2/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946866 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2020-1398.html

CVE-2019-19797

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect