CVE-2020-21676
Summary
| CVE | CVE-2020-21676 |
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-08-10 21:15:00 UTC |
| Updated | 2023-02-28 18:29:00 UTC |
| Description | A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format. |
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| CWE -
CWE-121: Stack-based Buffer Overflow (4.3) |
MISC |
cwe.mitre.org |
|
| [SECURITY] [DLA 2778-1] fig2dev security update |
MLIST |
lists.debian.org |
|
| Xfig / Tickets / #76 stack-buffer-overflow in genpstrx_text at genpstricks.c:2732 |
MISC |
sourceforge.net |
|
| [SECURITY] [DLA 3304-1] fig2dev security update |
MLIST |
lists.debian.org |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 178818 Debian Security Update for fig2dev (DLA 2778-1)
- 181533 Debian Security Update for fig2dev (DLA 3304-1)
- 199172 Ubuntu Security Notification for Fig2dev Vulnerabilities (USN-5864-1)