CVE-2009-4227
Xfig < 3.2.5b - Stack-based Buffer Overflow via Malformed .fig File
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2009-4227. PoCs published by pedamachephepto.
AI-analyzed exploit summary: This Fortran PoC exploits a stack-based buffer overflow in Xfig and Transfig by generating a malformed .fig file with an oversized string, leading to arbitrary code execution or denial-of-service.
Description
Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.
Exploits (1)
This Fortran PoC exploits a stack-based buffer overflow in Xfig and Transfig by generating a malformed .fig file with an oversized string, leading to arbitrary code execution or denial-of-service.