USN-3760-1: transfig vulnerability
6 September 2018
transfig could be made to execute arbitrary code if it received a specially crafted FIG file.
- transfig - Utilities for converting XFig figure files
It was discovered that transfig incorrectly handled certain FIG files.
An attacker could possibly use this to execute arbitrary code.