{"id":"USN-4541-1","summary":"gnuplot vulnerabilities","details":"Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars \ndiscovered that Gnuplot did not properly validate string sizes in the\ndf_generate_ascii_array_entry function. An attacker could possibly use\nthis issue to cause a heap buffer overflow, resulting in a denial of \nservice attack or arbitrary code execution. (CVE-2018-19490)\n\nTim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars \ndiscovered that Gnuplot did not properly validate string sizes in the \nPS_options function when the Gnuplot postscript terminal is used as a \nbackend. An attacker could possibly use this issue to cause a buffer\noverflow, resulting in a denial of service attack or arbitrary code \nexecution. (CVE-2018-19491)\n\nTim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars \ndiscovered that Gnuplot did not properly validate string sizes in the \ncairotrm_options function when the Gnuplot postscript terminal is used as\na backend. An attacker could possibly use this issue to cause a buffer\noverflow, resulting in a denial of service attack or arbitrary code \nexecution. (CVE-2018-19492)\n","modified":"2026-04-27T15:42:41.404434Z","published":"2020-09-25T17:14:48Z","related":["UBUNTU-CVE-2018-19490","UBUNTU-CVE-2018-19491","UBUNTU-CVE-2018-19492"],"upstream":["CVE-2018-19490","CVE-2018-19491","CVE-2018-19492","UBUNTU-CVE-2018-19490","UBUNTU-CVE-2018-19491","UBUNTU-CVE-2018-19492"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4541-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-19490"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-19491"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-19492"}],"affected":[{"package":{"name":"gnuplot","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@4.6.6-3ubuntu0.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6.6-3ubuntu0.1"}]}],"versions":["4.6.6-2","4.6.6-3"],"ecosystem_specific":{"binaries":[{"binary_version":"4.6.6-3ubuntu0.1","binary_name":"gnuplot"},{"binary_version":"4.6.6-3ubuntu0.1","binary_name":"gnuplot-data"},{"binary_version":"4.6.6-3ubuntu0.1","binary_name":"gnuplot-nox"},{"binary_version":"4.6.6-3ubuntu0.1","binary_name":"gnuplot-qt"},{"binary_version":"4.6.6-3ubuntu0.1","binary_name":"gnuplot-tex"},{"binary_version":"4.6.6-3ubuntu0.1","binary_name":"gnuplot-x11"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2018-19490"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2018-19491"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2018-19492"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4541-1.json"}}],"schema_version":"1.7.5"}