Búsqueda de    
Vulnerabilidad   
    Buscar 219043 Descripciones CVE y
99761 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.891597
Categoría:Debian Local Security Checks
Título:Debian LTS: Security Advisory for gnuplot (DLA-1597-1)
Resumen:gnuplot, a command-line driven interactive plotting program, has been;examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej;Schumilo and Nils Bars.;They found various overflow cases which might lead to the execution of;arbitrary code.;;Due to special toolchain hardening in Debian, CVE-2018-19492 is not;security relevant, but it is a bug and the patch was applied for the sake;of completeness. Probably some downstream project does not have the same;toolchain settings.
Descripción:Summary:
gnuplot, a command-line driven interactive plotting program, has been
examined with fuzzing by Tim Blazytko, Cornelius Aschermann, Sergej
Schumilo and Nils Bars.
They found various overflow cases which might lead to the execution of
arbitrary code.

Due to special toolchain hardening in Debian, CVE-2018-19492 is not
security relevant, but it is a bug and the patch was applied for the sake
of completeness. Probably some downstream project does not have the same
toolchain settings.

Affected Software/OS:
gnuplot on Debian Linux

Solution:
For Debian 8 'Jessie', these problems have been fixed in version
4.6.6-2+deb8u1.

We recommend that you upgrade your gnuplot packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2018-19490
Common Vulnerability Exposure (CVE) ID: CVE-2018-19491
Common Vulnerability Exposure (CVE) ID: CVE-2018-19492
CopyrightCopyright (C) 2018 Greenbone Networks GmbH http://greenbone.net

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2024 E-Soft Inc. Todos los derechos reservados.