PT-2019-15944 · Xfig+1 · Xfig Fig2Dev+1

Suhwan Song

Published

2019-12-12

Updated

2024-06-15

CVE-2019-19746

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Xfig fig2dev version 3.2.7b

Description The issue is related to an integer overflow in the make arrow function in arrow.c, which can cause a segmentation fault and out-of-bounds write when a large arrow type is used.

Recommendations For Xfig fig2dev version 3.2.7b, consider applying a patch or fix to address the integer overflow issue in the make arrow function to prevent potential crashes and out-of-bounds writes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-190

Related Identifiers

CVE-2019-19746

MGASA-2020-0116

OPENSUSE-SU-2021:1143-1

OPENSUSE-SU-2021:1311-1

OPENSUSE-SU-2021:1318-1

OPENSUSE-SU-2021:2454-1

OPENSUSE-SU-2021_1143-1

OPENSUSE-SU-2021_2454-1

OPENSUSE-SU-2024:11472-1

SUSE-SU-2021:14823-1

SUSE-SU-2021:2454-1

SUSE-SU-2021:3124-1

SUSE-SU-2021_14823-1

Affected Products

Suse

Xfig Fig2Dev

PT-2019-15944 · Xfig+1 · Xfig Fig2Dev+1

CVE-2019-19746

Weakness Enumeration

Related Identifiers

Affected Products

References · 51