Buffer Overflow Vulnerability in Gnuplot 5.2.5's post.trm

Buffer Overflow Vulnerability in Gnuplot 5.2.5's post.trm

CVE-2018-19491 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.

Learn more about our Web Application Penetration Testing UK.