Search CVE reports



1 – 7 of 7 results


CVE-2023-45920

Medium priority
Ignored

** DISPUTED ** Xfig v3.2.8 was discovered to contain a NULL pointer dereference when calling XGetWMHints(). NOTE: this is disputed because it is not expected that an X application should continue to run when there is arbitrary...

1 affected package

xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xfig Not affected Not affected Not affected Not affected Not affected

CVE-2021-40241

Medium priority
Needs evaluation

xfig 3.2.7 is vulnerable to Buffer Overflow.

1 affected package

xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xfig Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation

CVE-2021-32280

Medium priority

Some fixes available 2 of 4

An issue was discovered in fig2dev before 3.2.8. A NULL pointer dereference exists in the function compute_closed_spline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.

3 affected packages

fig2dev, transfig, xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
fig2dev Not affected Not affected Fixed Fixed Ignored
transfig Not in release Not in release Not in release Not in release Vulnerable
xfig Not affected Not affected Not affected Not affected Vulnerable

CVE-2010-4262

Medium priority
Ignored

Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.

1 affected package

xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xfig Not affected Not affected

CVE-2009-4228

Low priority
Ignored

Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly...

1 affected package

xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xfig Not affected Not affected Not affected Not affected

CVE-2009-4227

Medium priority
Ignored

Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to...

1 affected package

xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xfig Not affected Not affected Not affected

CVE-2009-1962

Low priority
Ignored

Xfig, possibly 3.2.5, allows local users to read and write arbitrary files via a symlink attack on the (1) xfig-eps[PID], (2) xfig-pic[PID].pix, (3) xfig-pic[PID].err, (4) xfig-pcx[PID].pix, (5) xfig-xfigrc[PID], (6) xfig[PID],...

1 affected package

xfig

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
xfig Not affected Not affected Not affected Not affected