CVE-2018-16140 — Out-of-bounds Write in Project Fig2dev

CWE-787 — Out-of-bounds Write CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer11 documents9 sources

Severity

7.8HIGHNVD

EPSS

0.3%

top 44.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fig2dev Project Fig2dev Canonical Ubuntu Linux

Timeline

PublishedAug 30

Latest updateMay 13

Description

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

▶Debianfig2dev_project/fig2dev< 1:3.2.7a-3+3

▶NVDfig2dev_project/fig2dev3.2.7a

Also affects: Ubuntu Linux 14.04, 16.04

🔴Vulnerability Details

GHSA

GHSA-8j2g-wgpq-4f6c: A buffer underwrite vulnerability in get_line() (read↗2022-05-13

▶

OSV

CVE-2018-16140: A buffer underwrite vulnerability in get_line() (read↗2018-08-30

▶

CVEList

CVE-2018-16140: A buffer underwrite vulnerability in get_line() (read↗2018-08-30

▶

💥Exploits & PoCs

Exploit-DB

Parallels Remote Application Server 15.5 - Path Traversal↗2018-02-22

▶

📋Vendor Advisories

Red Hat

transfig: Buffer underwrite in read.c:get_line() via crafted FIG file↗2018-09-12

▶

Ubuntu

transfig vulnerability↗2018-09-06

▶

Debian

CVE-2018-16140: fig2dev - A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allow...↗2018

▶

💬Community

Bugzilla

CVE-2018-16140 transfig: Buffer underwrite in read.c:get_line() via crafted FIG file [fedora-all]↗2018-09-25

▶

Bugzilla

CVE-2018-16140 transfig: Buffer underwrite in read.c:get_line() via crafted FIG file↗2018-09-12

▶

Bugzilla

CVE-2018-16140 transfig: Buffer underwrite in read.c:get_line() via crafted FIG file [fedora-all]↗2018-09-12

▶