Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2020-25969: gnuplot / Bugs

gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().

CVE
Open in Source
#buffer_overflow
  • Summary
  • Files
  • Reviews
  • Support
  • Tickets ▾
    • Bugs
    • Feature Requests
    • Patches
    • Support Requests
  • gnuplot-main
  • Mailing Lists
  • Discussion
  • News
  • Code

Menu ▾ ▴

#2311 global-buffer-overflow

Milestone: None

Status: closed-fixed

Owner: nobody

Labels: None

Priority:

Updated: 2020-12-07

Created: 2020-09-09

Private: No

  1. install the latest gnuplot
  2. run the command gnuplot < poc6, where poc6 is the attached file
  3. stacktrace

#2 0x000000000081da19 in do_enh_writec () #3 0x000000000081e1fa in enhanced_recursion () #4 0x0000000000895597 in ENHemf_put_text () #5 0x000000000080f868 in write_multiline () #6 0x0000000000549844 in do_key_sample () #7 0x000000000062cc69 in do_plot () #8 0x00000000006fae52 in eval_plots () #9 0x00000000006e63e2 in plotrequest () #10 0x0000000000564587 in plot_command () #11 0x000000000055bb98 in command () #12 0x000000000055b4fb in do_line () #13 0x0000000000559d91 in com_line () #14 0x00000000006e3a5d in main () #15 0x00007ffff687eb97 in __libc_start_main (main=0x6e2440 <main>, argc=0x1, argv=0x7fffffffe398, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffe388) at …/csu/libc-start.c:310 #16 0x000000000041b8aa in _start ()

1 Attachments

Discussion

Log in to post a comment.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE