Improper validation of array index in Xfig - CVE-2017-16899
Published: April 24, 2018
Vulnerability identifier: #VU12124
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2017-16899
CWE-ID: CWE-129
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Xfig
Affected software:
Xfig
Detailed vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information or cause a DoS condition on the target system.
The weakness exists in the fig2dev program due to an array index error. A remote attacker can create a specially crafted Fig format file (the issue relates to a negative font value in dev/gentikz.c and the read_textobject functions in read.c and read1_3.c), trick the victim into opening it, and gain access to potentially sensitive information or cause the service to crash.
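The check that this class of bug (CWE-129) calls for, as an added example that is not fig2dev's code: a font index read from a Fig text-object line is range-checked before it is used to index a table. The font table, the function names and the sample lines are hypothetical, and the field layout (font as the sixth integer of a text object, object code 4) is an assumption stated in the comments.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical font table; fig2dev's real tables are different. */
static const char *const font_names[] = {
    "Times-Roman", "Times-Italic", "Courier", "Helvetica"
};
#define NUM_FONTS ((int)(sizeof font_names / sizeof font_names[0]))

/* Assumed layout of a text-object line:
 *   4 sub_type color depth pen_style font ...
 * Returns 0 and stores the font field on success, -1 on a malformed line. */
static int parse_font_field(const char *line, int *font)
{
    int code, sub_type, color, depth, pen_style;
    if (sscanf(line, "%d %d %d %d %d %d",
               &code, &sub_type, &color, &depth, &pen_style, font) != 6)
        return -1;
    return code == 4 ? 0 : -1;      /* only text objects carry a font here */
}

/* Unchecked form of the lookup would be:  return font_names[font];
 * With font < 0 or font >= NUM_FONTS that reads outside the table. */
const char *font_name_checked(int font)
{
    if (font < 0 || font >= NUM_FONTS)
        return NULL;                /* reject instead of indexing */
    return font_names[font];
}

/* Parse one line and resolve its font; NULL means "reject this object". */
const char *font_for_line(const char *line)
{
    int font;
    if (parse_font_field(line, &font) != 0)
        return NULL;
    return font_name_checked(font);
}

int main(void)
{
    /* Constructed sample lines: a valid font, a negative one, one too large. */
    const char *samples[] = { "4 0 0 50 -1 2 12", "4 0 0 50 -1 -7 12", "4 0 0 50 -1 4 12" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        const char *name = font_for_line(samples[i]);
        printf("%-20s -> %s\n", samples[i], name ? name : "rejected");
    }
    return 0;
}
```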
How to mitigate CVE-2017-16899
Update to version 3.2.7.