A global buffer overflow in the put_font in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.
References
| Link | Resource |
|---|---|
| https://sourceforge.net/p/mcj/tickets/75/ | Exploit Issue Tracking Patch Third Party Advisory |
| https://sourceforge.net/p/mcj/tickets/75/ | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 05:12
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://sourceforge.net/p/mcj/tickets/75/ - Exploit, Issue Tracking, Patch, Third Party Advisory |
07 Sep 2021, 18:06
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 5.5 |
16 Aug 2021, 12:54
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.8 |
| CWE | CWE-120 | |
| CPE | cpe:2.3:a:fig2dev_project:fig2dev:3.2.7:beta:*:*:*:*:*:* | |
| References | (MISC) https://sourceforge.net/p/mcj/tickets/75/ - Exploit, Issue Tracking, Patch, Third Party Advisory |
10 Aug 2021, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2021-08-10 21:15
Updated : 2024-11-21 05:12
NVD link : CVE-2020-21684
Mitre link : CVE-2020-21684
CVE.ORG link : CVE-2020-21684
JSON object : View
Products Affected
fig2dev_project
- fig2dev
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')