xfig Stack-Based Buffer Overflow Vulnerability in fig2dev

Vulnerability

A stack-based buffer overflow vulnerability has been identified in version 3.2.9a of the xfig diagramming tool. It is triggered while running the fig2dev command: manipulation of local input handled by the bezier_spline function can corrupt memory and potentially allow code execution.

Impact

Exploitation of this vulnerability can result in a stack-based buffer overflow, causing memory corruption and potentially leading to arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 6.6
impact: 2.5
exploitability: 3.3
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.