Xfig Project - Xfig CVE

Filtered by vendor Xfig Project Subscribe

Filtered by product Xfig

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-16899	2 Debian, Xfig Project	2 Debian Linux, Xfig	2017-12-11	5.8 MEDIUM	7.1 HIGH
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with a maliciously crafted Fig format file, related to a negative font value in dev/gentikz.c, and the read_textobject functions in read.c and read1_3.c.

Vulnerabilities (CVE)