Tim Blazytko

**Name of the Vulnerable Software and Affected Versions** Gnuplot version 5.2.5 **Description** An issue in datafile.c allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in `df generate ascii array entry()`. This can be exploited by passing an overlong string as the right bound of the range argument to the `plot()` function. **Recommendations** For Gnuplot version 5.2.5, as a temporary workaround, consider restricting the input to the `plot()` function to prevent overlong strings from being passed as the right bound of the range argument. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gnuplot version 5.2.5 **Description** An issue in Gnuplot allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the `PS options` function. This flaw is caused by a missing size check of an argument passed to the `set font` function. The issue occurs when the Gnuplot postscript terminal is used as a backend. **Recommendations** For Gnuplot version 5.2.5, consider disabling the `PS options` function or restricting the use of the postscript terminal as a backend until a patch is available. Avoid using the `set font` function with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gnuplot version 5.2.5 **Description** A buffer overflow issue exists due to a missing size check of an argument passed to the `set font` function, specifically in the `cairotrm options` function when the Gnuplot pngcairo terminal is used as a backend. This allows an attacker to conduct a buffer overflow with an arbitrary amount of data. **Recommendations** For Gnuplot version 5.2.5, consider disabling the `cairotrm options` function or restricting the use of the pngcairo terminal as a backend until a patch is available. Avoid using the `set font` function with untrusted input to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.