CVE-2018-16140

NONE EPSS 68.7%
Published Aug 30, 20187y ago · Modified Jun 17, 20262w ago
Find Similar
Published Aug 30, 2018 7y ago
Last Modified Jun 17, 2026 2w ago

Description

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

Threat Intelligence

EPSS Exploit Probability
68.7% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 3

VendorProductVersionRange
canonicalubuntu_linux14.04any
canonicalubuntu_linux16.04any
fig2dev_projectfig2dev3.2.7aany

References 3

  • lists.debian.org https://lists.debian.org/debian-lts-announce/2020/01/msg00018.html
  • sourceforge.net https://sourceforge.net/p/mcj/tickets/28/
    Third Party Advisory
  • usn.ubuntu.com https://usn.ubuntu.com/3760-1/
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.