xfig Segmentation Fault Vulnerability in fig2dev Component Allows Memory Corruption

Vulnerability

A segmentation fault vulnerability has been identified in the xfig diagramming tool, specifically within the fig2dev component, version 3.2.9a. This vulnerability allows for memory corruption through local input manipulation in the 'genge_itp_spline' function, leading to a denial-of-service condition by causing an application crash.

Impact

Exploitation of this vulnerability causes a segmentation fault, leading to a crash of the xfig application, which can be classified as a denial-of-service condition.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

2.5

exploitability

3.3

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

xfig Segmentation Fault Vulnerability in fig2dev Component Allows Memory Corruption

Vulnerability

Impact

Affected Products

xfig

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating