Upstream information

CVE-2017-9670 at MITRE

Description

An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.

SUSE information

SUSE Bugzilla entry: 1044638 [REOPENED]

No SUSE Security Announcements cross referenced.