12 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-19492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the...
USN-7589-1: Gnuplot vulnerabilities
Tim Blazytko, Cornelius Aschermann, Sergej Schumilo, and Nils Bars discovered that Gnuplot had several memory-related issues. An attacker could possibly use these issues to cause Gnuplot to experience a buffer overflow, resulting in a denial of service or arbitrary code execution. These issues on...
SUSE: Security Advisory (SUSE-SU-2020:1660-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : Gnuplot vulnerabilities (USN-4541-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4541-1 advisory. Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the...
openSUSE Security Update : gnuplot (openSUSE-2019-1216)
This update for gnuplot fixes the following issues : Security issues fixed : - CVE-2018-19492: Fixed a buffer overflow in cairotrmoptions function bsc1117463 - CVE-2018-19491: Fixed a buffer overlow in the PSoptions function bsc1117464 - CVE-2018-19490: Fixed a heap-based buffer overflow in the...
OPENSUSE-SU-2019:1216-1 Security update for gnuplot
This update for gnuplot fixes the following issues: Security issues fixed: - CVE-2018-19492: Fixed a buffer overflow in cairotrmoptions function bsc1117463 - CVE-2018-19491: Fixed a buffer overlow in the PSoptions function bsc1117464 - CVE-2018-19490: Fixed a heap-based buffer overflow in the...
SUSE SLES15 Security Update : gnuplot (SUSE-SU-2019:0904-1)
This update for gnuplot fixes the following issues : Security issues fixed : CVE-2018-19492: Fixed a buffer overflow in cairotrmoptions function bsc1117463 CVE-2018-19491: Fixed a buffer overlow in the PSoptions function bsc1117464 CVE-2018-19490: Fixed a heap-based buffer overflow in the...
Debian DLA-1597-1 : gnuplot security update
gnuplot, a command-line driven interactive plotting program, has been examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars. They found various overflow cases which might lead to the execution of arbitrary code. Due to special toolchain hardening in Debian,...
[SECURITY] [DLA 1597-1] gnuplot security update
Package : gnuplot Version : 4.6.6-2+deb8u1 CVE ID : CVE-2018-19490 CVE-2018-19491 CVE-2018-19492 gnuplot, a command-line driven interactive plotting program, has been examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars. They found various overflow cases whic...
Debian DLA-1595-1 : gnuplot5 security update
gnuplot5, a command-line driven interactive plotting program, has been examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars. They found various overflow cases which might lead to the execution of arbitrary code. Due to special toolchain hardening in Debian,...
[SECURITY] [DLA 1595-1] gnuplot5 security update
Package : gnuplot5 Version : 5.0.0rc+dfsg2-1+deb8u1 CVE ID : CVE-2018-19490 CVE-2018-19491 CVE-2018-19492 gnuplot5, a command-line driven interactive plotting program, has been examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars. They found various overflow...
CVE-2018-19492
CVE-2018-19492 affects Gnuplot 5.2.5 in the cairo.trm component, where a missing size check in cairotrm_options (triggered by the pngcairo terminal) permits a buffer overflow with an arbitrary amount of data. Reported impact includes potential denial of service or arbitrary code execution. The de...