Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MDVSA-2011:010 | First vendor Publication | 2011-01-15 |
| Vendor | Mandriva | Last vendor Modification | 2011-01-15 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 6.8 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Multiple vulnerabilities has been found and corrected in xfig: Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information (CVE-2009-4227). Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c (CVE-2009-4228). Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition (CVE-2010-4262). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct these issues. |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDVSA-2011:010 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 67 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 33 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2012-08-30 | Name : Fedora Update for transfig FEDORA-2012-11718 File : nvt/gb_fedora_2012_11718_transfig_fc17.nasl |
| 2012-08-30 | Name : Fedora Update for transfig FEDORA-2012-11737 File : nvt/gb_fedora_2012_11737_transfig_fc16.nasl |
| 2012-08-30 | Name : Fedora Update for xfig FEDORA-2012-11801 File : nvt/gb_fedora_2012_11801_xfig_fc17.nasl |
| 2012-08-24 | Name : Fedora Update for xfig FEDORA-2012-11813 File : nvt/gb_fedora_2012_11813_xfig_fc16.nasl |
| 2011-01-21 | Name : Mandriva Update for xfig MDVSA-2011:010 (xfig) File : nvt/gb_mandriva_MDVSA_2011_010.nasl |
| 2010-12-28 | Name : Fedora Update for xfig FEDORA-2010-18589 File : nvt/gb_fedora_2010_18589_xfig_fc14.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 69931 | Xfig FIG Image Crafted Color Definition Overflow Xfig is prone to an overflow condition. The 'file_msg()' function in 'w_msgpanel.c' fails to properly sanitize user-supplied input resulting in a heap-based buffer overflow. With a specially crafted .fig file, a context-dependent attacker can potentially execute arbitrary code. |
| 60873 | Xfig u_bound.c Crafted FIG File DoS |
| 60812 | transfig fig2dev/read1_3.c read_textobject() Function Overflow |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2014-12-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201412-14.nasl - Type : ACT_GATHER_INFO |
| 2013-12-28 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201312-16.nasl - Type : ACT_GATHER_INFO |
| 2012-08-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11718.nasl - Type : ACT_GATHER_INFO |
| 2012-08-27 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11737.nasl - Type : ACT_GATHER_INFO |
| 2012-08-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11801.nasl - Type : ACT_GATHER_INFO |
| 2012-08-23 | Name : The remote Fedora host is missing a security update. File : fedora_2012-11813.nasl - Type : ACT_GATHER_INFO |
| 2011-01-28 | Name : The remote Mandriva Linux host is missing a security update. File : mandriva_MDVSA-2011-010.nasl - Type : ACT_GATHER_INFO |
| 2010-12-16 | Name : The remote Fedora host is missing a security update. File : fedora_2010-18589.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:42:01 |
|
