CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-19746

make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fault and out-of-bounds write because of an integer overflow via a large arrow type.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.3%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7XOY5NXUZ6JRBBPYA3CXWGRGQTSDVVG2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILJM2G6NM5MMBKTT5CH23TAI6DJGNW36/
https://sourceforge.net/p/mcj/tickets/57/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7XOY5NXUZ6JRBBPYA3CXWGRGQTSDVVG2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ILJM2G6NM5MMBKTT5CH23TAI6DJGNW36/
https://sourceforge.net/p/mcj/tickets/57/

Products affected by CVE-2019-19746

Fig2dev Project » Fig2dev » Version: 3.2.7b

cpe:2.3:a:fig2dev_project:fig2dev:3.2.7b
Fedoraproject » Fedora » Version: 31

cpe:2.3:o:fedoraproject:fedora:31
Fedoraproject » Fedora » Version: 32

cpe:2.3:o:fedoraproject:fedora:32

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-19746

Products

Pricing

Contact Us