CVE-2018-19491

Gnuplot 5.2.5 is affected by CVE-2018-19491 in the postscript terminal backend. The vulnerability occurs in the PS_options function due to a missing size check on an argument passed to set font, enabling a buffer overflow when arbitrary data is supplied. The issue is localized to the postscript b...

CVE-2018-19490

CVE-2018-19490 affects Gnuplot 5.2.5 in datafile.c (df_generate_ascii_array_entry). The issue is a heap-based buffer overflow caused by passing an overlong right bound string to the plot function, which can lead to a crash and, per CVSS, potential high-severity impact. Exploitation details or aff...

CVE-2018-19490

An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in dfgenerateasciiarrayentry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range...

CVE-2018-19492

An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrmoptions function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when...

CVE-2018-19492

CVE-2018-19492 affects Gnuplot 5.2.5 in the cairo.trm component, where a missing size check in cairotrm_options (triggered by the pngcairo terminal) permits a buffer overflow with an arbitrary amount of data. Reported impact includes potential denial of service or arbitrary code execution. The de...

Gnuplot Memory Corruption Vulnerability

Gnuplot is an open source plotting software. A memory corruption vulnerability exists in the 'loadticseries' function of the set.c file in Gnuplot version 5.2.rc1. An attacker can exploit this vulnerability to cause a denial of service segmentation error and memory corruption with the help of...

CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

UBUNTU-CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

DEBIAN-CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

CVE-2017-9670

An uninitialized stack variable vulnerability in loadticseries in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service Segmentation fault and Memory Corruption or possibly have unspecified other impact when a victim opens a specially crafted file...

CVE-2017-9670

CVE-2017-9670 is a vulnerability in gnuplot where an uninitialized stack variable in load_tic_series() (set.c) of version 5.2.rc1 can cause a Denial of Service (segmentation fault) or memory corruption when a specially crafted file is opened. The connected sources corroborate the issue and its im...

PT-2017-19106 · Gnu +1 · Gnuplot +1

Name of the Vulnerable Software and Affected Versions: gnuplot version 5.2.rc1 Description: The issue is related to an uninitialized stack variable vulnerability in the load tic series function in set.c. This vulnerability can be exploited when a victim opens a specially crafted file, potentially...

EulerOS 2.0 SP1 : ImageMagick (EulerOS-SA-2016-1029)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could...

Remote Command Execution

ImageMagick is vulnerable to remote command execution RCE attacks. These attacks are possible due to a flaw in the gnuplot delegate functionality...

UBUNTU-CVE-2016-5239

The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors...

DEBIAN-CVE-2016-5239

The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors...

CVE-2016-5239

The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote attackers to execute arbitrary commands via unspecified vectors...