CVE-2019-19746 — Integer Overflow or Wraparound in Project Fig2dev

CWE-190 — Integer Overflow or Wraparound CWE-787 — Out-of-bounds Write9 documents7 sources

Severity

5.5MEDIUMNVD

EPSS

0.4%

top 41.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Fig2dev Project Fig2dev Fedoraproject Fedora

Timeline

PublishedDec 12

Latest updateMay 24

Description

make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶Debianfig2dev_project/fig2dev< 1:3.2.7b-3+3

▶NVDfig2dev_project/fig2dev3.2.7b

Also affects: Fedora 31, 32

🔴Vulnerability Details

GHSA

GHSA-5fqv-qggf-295w: make_arrow in arrow↗2022-05-24

▶

CVEList

CVE-2019-19746: make_arrow in arrow↗2019-12-12

▶

OSV

CVE-2019-19746: make_arrow in arrow↗2019-12-12

▶

📋Vendor Advisories

Red Hat

transfig: integer overflow leads to out-of-bounds write in make_arrow in arrow.c↗2019-12-06

▶

Debian

CVE-2019-19746: fig2dev - make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out...↗2019

▶

💬Community

Bugzilla

CVE-2019-19746 transfig: integer overflow leads to out-of-bounds write in make_arrow in arrow.c [epel-7]↗2019-12-30

▶

Bugzilla

CVE-2019-19746 transfig: integer overflow leads to out-of-bounds write in make_arrow in arrow.c [fedora-all]↗2019-12-30

▶

Bugzilla

CVE-2019-19746 transfig: integer overflow leads to out-of-bounds write in make_arrow in arrow.c↗2019-12-30

▶