A global buffer overflow in the shade_or_tint_name_after_declare_color in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21683
Reference (s):
- https://sourceforge.net/p/mcj/tickets/77/