CVE-2018-19492
23.11.2018, 17:29
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.Enginsight
| Vendor | Product | Version |
|---|---|---|
| gnuplot | gnuplot | 5.2.5 |
| debian | debian_linux | 8.0 |
| opensuse | leap | 15.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| gnuplot |
| ||||||||||||||||||||||||||||||
| gnuplot5 |
|
Common Weakness Enumeration
References