Unrated severityNVD Advisory· Published Nov 23, 2018· Updated Aug 5, 2024
CVE-2018-19490
CVE-2018-19490
Description
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords7 versionspkg:rpm/opensuse/gnuplot&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/gnuplot&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 5.2.2-lp150.3.3.1+ 6 more
- (no CPE)range: < 5.2.2-lp150.3.3.1
- (no CPE)range: < 5.4.2-1.3
- (no CPE)range: < 5.2.2-3.3.29
- (no CPE)range: < 4.6.5-3.3.74
- (no CPE)range: < 4.6.5-3.3.74
- (no CPE)range: < 4.6.5-3.3.74
- (no CPE)range: < 4.6.5-3.3.74
Patches
Vulnerability mechanics
References
6- lists.opensuse.org/opensuse-security-announce/2019-04/msg00066.htmlmitrevendor-advisoryx_refsource_SUSE
- usn.ubuntu.com/4541-1/mitrevendor-advisoryx_refsource_UBUNTU
- lists.debian.org/debian-lts-announce/2018/11/msg00031.htmlmitremailing-listx_refsource_MLIST
- lists.debian.org/debian-lts-announce/2018/11/msg00035.htmlmitremailing-listx_refsource_MLIST
- sourceforge.net/p/gnuplot/bugs/2093/mitrex_refsource_MISC
- sourceforge.net/p/gnuplot/gnuplot-main/ci/d5020716834582b20a5e12cdd49f39ee4f9dd949/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.