Suhwan Song

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 119.0.6045.105 **Description** The issue is related to an inappropriate implementation in the Compositing component of Google Chrome, which can be exploited by a remote attacker to potentially spoof the security UI via a crafted HTML page. This can be achieved by creating a specially designed HTML page. **Recommendations** For versions prior to 119.0.6045.105, update to version 119.0.6045.105 or later to resolve the issue. As a temporary workaround, consider restricting access to potentially vulnerable HTML pages until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Firefox versions prior to 107 Firefox ESR versions prior to 102.5 Thunderbird versions prior to 102.5 **Description** The issue is related to the rendering of iframe contents outside the boundaries of the iframe, potentially leading to user confusion or spoofing attacks. This is due to errors in the representation of information by the user interface. An attacker could exploit this to conduct spoofing attacks. **Recommendations** For Firefox versions prior to 107, update to version 107 or later to resolve the issue. For Firefox ESR versions prior to 102.5, update to version 102.5 or later to resolve the issue. For Thunderbird versions prior to 102.5, update to version 102.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 98.0.4758.80 **Description** The issue is related to an inappropriate implementation in Paint, allowing a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. This can be achieved by exploiting the vulnerability in Google Chrome. **Recommendations** For Google Chrome versions prior to 98.0.4758.80, update to version 98.0.4758.80 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a segmentation fault in the `read objects` function in `read.c`, which can be caused by reading beyond the valid boundaries of a data buffer. This can allow a remote attacker to cause a denial of service. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `read objects` function in `read.c` as a temporary workaround until a patch is available. Restrict access to the `read.c` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a global buffer overflow in the `get line` function in `read.c`. This overflow is caused by copying a buffer without checking the input data, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `get line` function in `read.c` as a temporary workaround until a patch is available. Restrict access to the `read.c` component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a global buffer overflow in the `setfigfont` function in `genepic.c`. This overflow is caused by copying a buffer without checking the input data, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `setfigfont` function in `genepic.c` as a temporary workaround until a patch is available. Restrict access to the `genepic.c` component to minimize the risk of exploitation. Avoid using the `fig2dev` utility with untrusted input files until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a buffer overflow in the `conv pattern index` function of the `gencgm.c` component in the fig2dev utility. This occurs due to the lack of input validation, allowing a remote attacker to cause a denial of service. The `conv pattern index` function is vulnerable to a global buffer overflow. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `conv pattern index` function in `gencgm.c` as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a stack-based buffer overflow in the genptk text component of fig2dev, which can be exploited by converting a xfig file into ptk format. This allows a remote attacker to cause a denial of service. **Recommendations** For fig2dev version 3.2.7b, consider disabling the genptk text component in genptk.c as a temporary workaround to minimize the risk of exploitation. Restrict access to converting xfig files into ptk format until a patch is available.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** A stack-based buffer overflow in the `put arrow()` component in `genpict2e.c` of fig2dev allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `put arrow()` function until a patch is available to prevent exploitation of the buffer overflow vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** A global buffer overflow in the `shade or tint name after declare color` function in `genpstricks.c` allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. The issue is related to copying a buffer without checking the input data, which can be exploited by a remote attacker. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `shade or tint name after declare color` function until a patch is available to prevent the buffer overflow. Restrict the conversion of xfig files to pstricks format to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a global buffer overflow in the `put font` function of the `genpict2e.c` component in the fig2dev utility. This occurs when converting a xfig file into pict2e format without proper input validation, allowing a remote attacker to cause a denial of service (DOS). **Recommendations** For fig2dev version 3.2.7b, consider disabling the `put font` function in `genpict2e.c` until a patch is available to prevent exploitation. Restrict the conversion of xfig files to pict2e format to minimize the risk of a denial of service attack.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** A global buffer overflow in the `set fill` component in `genge.c` of fig2dev allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. This issue is related to the lack of input validation when copying data to a buffer, which can be exploited by a remote attacker. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `set fill` component in `genge.c` as a temporary workaround to prevent exploitation until a patch is available. Restrict access to the `genge.c` module to minimize the risk of denial of service attacks. Avoid converting xfig files to ge format using the affected version of fig2dev until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ImageMagick versions prior to 7.0.9-0 **Description** A flaw was found in ImageMagick in MagickCore/quantum-private.h, which could trigger a heap buffer overflow when an attacker submits a crafted file that is processed by ImageMagick. This would most likely lead to an impact to application availability, but could potentially lead to an impact to data integrity as well. **Recommendations** For ImageMagick versions prior to 7.0.9-0, update to version 7.0.9-0 or later to resolve the issue. As a temporary workaround, consider restricting the processing of crafted files to minimize the risk of exploitation. Avoid using the vulnerable function in MagickCore/quantum-private.h until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GNU Bison versions prior to 3.7.1 **Description** The issue arises from a use-after-free in ` obstack free` in `lib/obstack.c`, which is called from `gram lex`, when a '0' byte is encountered. This poses a risk only if GNU Bison is used with untrusted input, and the observed bug causes unsafe behavior with a specific compiler or architecture. The bug report indicates that a crash may occur in GNU Bison itself. **Recommendations** For GNU Bison versions prior to 3.7.1, update to version 3.7.1 or later to resolve the issue. As a temporary workaround, consider avoiding the use of GNU Bison with untrusted input until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GraphicsMagick version 1.4 **Description** The issue is related to a Buffer Overflow vulnerability in the WritePCXImage function in pcx.c, which allows remote attackers to cause a denial of service via converting a crafted image file to pcx format. This can be achieved by exploiting the buffer overflow in the WritePCXImage function, potentially leading to a denial of service. **Recommendations** For GraphicsMagick version 1.4, consider disabling the WritePCXImage function in pcx.c as a temporary workaround to minimize the risk of exploitation until a patch is available. Restrict access to converting image files to pcx format to prevent potential denial of service attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** A global buffer overflow in the `genmp writefontmacro latex` component in `genmp.c` of fig2dev allows attackers to cause a denial of service (DOS) via converting a xfig file into mp format. The vulnerability is related to the lack of input validation when copying data to a buffer, which can be exploited by a remote attacker to disrupt service. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `genmp writefontmacro latex` function until a patch is available to prevent potential denial of service attacks. Restrict access to the `genmp.c` component to minimize the risk of exploitation. Avoid using the `genmp writefontmacro latex` component when converting xfig files to mp format until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** A stack-based buffer overflow in the `genpstrx text()` component in `genpstricks.c` of fig2dev allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `genpstrx text()` function until a patch is available to prevent exploitation of the buffer overflow vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** A global buffer overflow in the `set color` component in `genge.c` of fig2dev allows attackers to cause a denial of service (DOS) via converting a xfig file into ge format. The vulnerability is related to uncontrolled copying of data into a buffer, which can be exploited by a remote attacker to disrupt service. **Recommendations** For fig2dev version 3.2.7b, consider disabling the `set color` function in `genge.c` to prevent exploitation until a patch is available. Restrict the conversion of xfig files to ge format to minimize the risk of denial of service.

**Name of the Vulnerable Software and Affected Versions** fig2dev version 3.2.7b **Description** The issue is related to a stack buffer overflow in the `read textobject` function in `read.c`. This allows a remote attacker to cause a denial of service by overflowing the buffer. **Recommendations** For fig2dev version 3.2.7b, consider applying a patch or fix to address the stack buffer overflow in the `read textobject` function. As a temporary workaround, restrict the use of the `read textobject` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Xfig fig2dev version 3.2.7b **Description** The issue is related to an integer overflow in the `make arrow` function in `arrow.c`, which can cause a segmentation fault and out-of-bounds write when a large arrow type is used. **Recommendations** For Xfig fig2dev version 3.2.7b, consider applying a patch or fix to address the integer overflow issue in the `make arrow` function to prevent potential crashes and out-of-bounds writes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.