Vulnerabilities > CVE-2020-21680 - Out-of-bounds Write vulnerability in Fig2Dev Project Fig2Dev 3.2.7B

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

fig2dev-project

CWE-787

NVD

Published: 2021-08-10

Updated: 2022-12-07

Summary

A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pict2e format.

Vulnerable Configurations

Part	Description	Count
Application	Fig2Dev_Project Fig2Dev Project Fig2Dev 3.2.7B	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://sourceforge.net/p/mcj/tickets/74/