Buffer Underwrite Vulnerability in Fig2dev Affects Multiple Platforms
CVE-2018-16140
7.8HIGH
Summary
A buffer underwrite vulnerability has been identified in Fig2dev 3.2.7a that may enable an attacker to write data prior to the start of the buffer, potentially leading to arbitrary code execution or data corruption through a specially crafted .fig file. This flaw can pose significant risks for affected systems by allowing attackers to manipulate memory in ways that can bypass security protections. System administrators are urged to apply recommended patches and security updates to mitigate this threat.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved