Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xfig | Xfig | * | 3.2.5b (including) |
Xfig | Xfig | 3.2.4 (including) | 3.2.4 (including) |
Xfig | Xfig | 3.2.5 (including) | 3.2.5 (including) |