rpm package
suse/gnuplot&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP4
pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-19492 | — | < 4.6.5-3.3.74 | 4.6.5-3.3.74 | Nov 23, 2018 | An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This | ||
| CVE-2018-19491 | — | < 4.6.5-3.3.74 | 4.6.5-3.3.74 | Nov 23, 2018 | An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue o | ||
| CVE-2018-19490 | — | < 4.6.5-3.3.74 | 4.6.5-3.3.74 | Nov 23, 2018 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bo | ||
| CVE-2017-9670 | Hig | 7.8 | < 4.6.5-3.3.74 | 4.6.5-3.3.74 | Jun 15, 2017 | An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file. |
- CVE-2018-19492Nov 23, 2018affected < 4.6.5-3.3.74fixed 4.6.5-3.3.74
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This
- CVE-2018-19491Nov 23, 2018affected < 4.6.5-3.3.74fixed 4.6.5-3.3.74
An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue o
- CVE-2018-19490Nov 23, 2018affected < 4.6.5-3.3.74fixed 4.6.5-3.3.74
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bo
- affected < 4.6.5-3.3.74fixed 4.6.5-3.3.74
An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.