CVE-2017-9670

NONE EPSS 54.4%
Published Jun 15, 20179y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jun 15, 2017 9y ago
Last Modified Jun 17, 2026 2w ago

Description

An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.

Threat Intelligence

EPSS Exploit Probability
54.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-824

Affected Products 1

VendorProductVersionRange
gnuplotgnuplot5.2any

References 1

  • sourceforge.net https://sourceforge.net/p/gnuplot/bugs/1933/
    PatchThird Party Advisory

Remediation

  • sourceforge.net https://sourceforge.net/p/gnuplot/bugs/1933/
    PatchThird Party Advisory