Rapid7 Vulnerability & Exploit Database

Ubuntu: USN-5864-1 (CVE-2021-3561): Fig2dev vulnerabilities

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Ubuntu: USN-5864-1 (CVE-2021-3561): Fig2dev vulnerabilities

Severity
6
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:P)
Published
05/26/2021
Created
03/29/2023
Added
03/22/2023
Modified
03/22/2023

Description

An Out of Bounds flaw was found fig2dev version 3.2.8a. A flawed bounds check in read_objects() could allow an attacker to provide a crafted malicious input causing the application to either crash or in some cases cause memory corruption. The highest threat from this vulnerability is to integrity as well as system availability.

Solution(s)

  • ubuntu-upgrade-fig2dev
  • ubuntu-upgrade-transfig

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;