xfig Stack-Based Buffer Overflow Vulnerability in fig2dev

Vulnerability

A stack-based buffer overflow vulnerability has been identified in the xfig diagramming tool, specifically in version 3.2.9a. This vulnerability occurs in the fig2dev utility, where local input manipulation in the read_objects function can lead to memory corruption and potentially allow for code execution.

Impact

Exploitation of this vulnerability can result in memory corruption, with a possibility of arbitrary code execution.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

xfig Stack-Based Buffer Overflow Vulnerability in fig2dev

Vulnerability

Impact

Affected Products

xfig

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating