Vulnerabilities > CVE-2017-9670 - Access of Uninitialized Pointer vulnerability in Gnuplot Project Gnuplot 5.2

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

gnuplot-project

CWE-824

NVD

Published: 2017-06-15

Updated: 2017-07-05

Summary

An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.

Vulnerable Configurations

Part	Description	Count
Application	Gnuplot_Project Gnuplot Project Gnuplot 5.2	1

Common Weakness Enumeration (CWE)

CWE-824 - Access of Uninitialized Pointer

References

https://sourceforge.net/p/gnuplot/bugs/1933/