CVE-2018-16140
NONE EPSS 68.7%
Published Aug 30, 20187y ago · Modified Jun 17, 20262w ago
Published Aug 30, 2018 7y ago
Last Modified Jun 17, 2026 2w ago
Description
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
Threat Intelligence
EPSS Exploit Probability
68.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-787 Out-of-bounds Write Memory Safety
Affected Products 3
| Vendor | Product | Version | Range |
|---|---|---|---|
| canonical | ubuntu_linux | 14.04 | any |
| canonical | ubuntu_linux | 16.04 | any |
| fig2dev_project | fig2dev | 3.2.7a | any |
References 3
- lists.debian.org https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html
- sourceforge.net https://sourceforge.net/p/mcj/tickets/28/
- usn.ubuntu.com https://usn.ubuntu.com/3760-1/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.