CVE-2019-14275

Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arrow function in bound.c.
Configurations

Configuration 1 (hide)

cpe:2.3:a:xfig_project:fig2dev:3.2.7:a:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

History

01 Mar 2023, 17:59

Type Values Removed Values Added
CPE cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00019.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00019.html - Mailing List, Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html - (MLIST) https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html - Mailing List, Third Party Advisory
References (MISC) https://sourceforge.net/p/mcj/tickets/52/ - Third Party Advisory (MISC) https://sourceforge.net/p/mcj/tickets/52/ - Exploit, Third Party Advisory
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00043.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00043.html - Mailing List, Third Party Advisory

Information

Published : 2019-07-26 04:15

Updated : 2024-02-04 20:20


NVD link : CVE-2019-14275

Mitre link : CVE-2019-14275

CVE.ORG link : CVE-2019-14275


JSON object : View

Products Affected

xfig_project

  • fig2dev

debian

  • debian_linux

opensuse

  • leap
CWE
CWE-787

Out-of-bounds Write