4.3
CVE-2009-4228
- EPSS 1.69%
- Veröffentlicht 08.12.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:13:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.69% | 0.741 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=559274
http://www.mandriva.com/security/advisories?name=MDVSA-2011:010
http://www.vupen.com/english/advisories/2011/0108
https://bugzilla.redhat.com/show_bug.cgi?id=543905