CVE-2021-3561

June 7, 2021

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

Summary:

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

Reference Links(if available):

  • https://sourceforge.net/p/mcj/fig2dev/ci/6827c09d2d6491cb2ae3ac7196439ff3aa791fd9/
  • https://sourceforge.net/p/mcj/tickets/116/
  • https://bugzilla.redhat.com/show_bug.cgi?id=1955675
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/JKMOIQX6GULVSYXLYW5JQY6KJNTWV3E4/
  • https://lists.fedoraproject.org/archives/list/[email protected]/message/C44WSY5KAQXC3Y2NMSVXXZS3M5U5U2E6/

    • CVSS Score (if available)

    v2: / HIGHAV:N/AC:M/Au:N/C:N/I:P/A:P

    v3: / HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    CISA Logo

    CISA: CISA Adds One Known Exploited Vulnerability to Catalog

    April 20, 2024
    CISA Logo

    CISA: Joint Guidance on Deploying AI Systems Securely

    April 20, 2024
    CISA Logo

    CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

    April 20, 2024
    CISA Logo

    CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor

    April 20, 2024
    CISA Logo

    CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400

    April 20, 2024