CVE-2025-46397

In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.
Configurations

No configuration.

History

16 May 2025, 14:43

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 7.1
v2 : unknown
v3 : 4.7
References
  • () https://access.redhat.com/security/cve/CVE-2025-46397 -
  • () https://bugzilla.redhat.com/show_bug.cgi?id=2362058 -
Summary
  • (es) El desbordamiento de pila en fig2dev en la versión 3.2.9a permite a un atacante la posible ejecución de código mediante la manipulación de entrada local mediante la función bezier_spline.
Summary (en) Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function. (en) In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function.

23 Apr 2025, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-04-23 21:15

Updated : 2025-05-16 14:43


NVD link : CVE-2025-46397

Mitre link : CVE-2025-46397

CVE.ORG link : CVE-2025-46397


JSON object : View

Products Affected

No product.

CWE
CWE-121

Stack-based Buffer Overflow