ID CVE-2009-4228
Summary Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.
References
Vulnerable Configurations
  • cpe:2.3:a:xfig:xfig:3.2.5b
  • cpe:2.3:a:xfig:xfig:3.2.5
  • cpe:2.3:a:xfig:xfig:3.2.4
CVSS
Base: 4.3 (as of 09-12-2009 - 10:02)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
  Vector: NETWORK
  Complexity: MEDIUM
  Authentication: NONE
Impact
  Confidentiality: NONE
  Integrity: NONE
  Availability: PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-11737.NASL
    description fix buffer overflow on loading a malformed .fig file (CVE-2009-4227) Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 61667
    published 2012-08-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61667
    title Fedora 16 : transfig-3.2.5d-4.fc16 (2012-11737)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-11801.NASL
    description - Fix a stack overflow when importing 1.3 files (CVE-2009-4227)
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 61629
    published 2012-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61629
    title Fedora 17 : xfig-3.2.5-32.b.fc17 (2012-11801)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-11718.NASL
    description fix buffer overflow on loading a malformed .fig file (CVE-2009-4227)
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 61666
    published 2012-08-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61666
    title Fedora 17 : transfig-3.2.5d-7.fc17 (2012-11718)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2011-010.NASL
    description Multiple vulnerabilities have been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third-party information (CVE-2009-4227). Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c (CVE-2009-4228). Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition (CVE-2010-4262). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 51802
    published 2011-01-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=51802
    title Mandriva Linux Security Advisory : xfig (MDVSA-2011:010)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201412-14.NASL
    description The remote host is affected by the vulnerability described in GLSA-201412-14 (Xfig: User-assisted execution of arbitrary code) A stack-based buffer overflow and a stack consumption vulnerability have been found in Xfig. Impact : A remote attacker could entice a user to open a specially crafted file, potentially resulting in arbitrary code execution or a Denial of Service condition. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 79967
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79967
    title GLSA-201412-14 : Xfig: User-assisted execution of arbitrary code
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2012-11813.NASL
    description - Fix a stack overflow when importing 1.3 files (CVE-2009-4227)
    last seen 2019-02-21
    modified 2015-10-20
    plugin id 61630
    published 2012-08-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=61630
    title Fedora 16 : xfig-3.2.5-32.b.fc16 (2012-11813)
refmap via4
confirm
mandriva MDVSA-2011:010
vupen ADV-2011-0108
statements via4
contributor Joshua Bressers
lastmodified 2009-12-15
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2009-4228 The Red Hat Security Response Team has rated this issue as having low security impact; a future update may address this flaw. More information regarding issue severity can be found here: http://www.redhat.com/security/updates/classification/
Last major update 20-01-2011 - 01:37
Published 08-12-2009 - 13:30