Buffer Overflow Vulnerability in Gnuplot's cairo.trm Terminal

Buffer Overflow Vulnerability in Gnuplot's cairo.trm Terminal

CVE-2018-19492 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.

Learn more about our Web Application Penetration Testing UK.