CVE-2018-19492

An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.
Configurations

Configuration 1

cpe:2.3:a:gnuplot:gnuplot:5.2.5:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

Information

Published : 2018-11-23 05:29

Updated : 2020-09-28 08:15


NVD link : CVE-2018-19492

Mitre link : CVE-2018-19492

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer