CVE-2014-0978

Published: Jan 10, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

MDVSA-2014:024

vendor-advisory

x_refsource_MANDRIVA

64674

vdb-entry

x_refsource_BID

https://bugzilla.redhat.com/show_bug.cgi?id=1049165

x_refsource_CONFIRM

GLSA-201702-06

vendor-advisory

x_refsource_GENTOO

https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a

x_refsource_CONFIRM

graphviz-yyerror-bo(90085)

vdb-entry

x_refsource_XF

[oss-security] 20140107 CVE Request: graphviz: stack-based buffer overflow in yyerror()

mailing-list

x_refsource_MLIST

DSA-2843

vendor-advisory

x_refsource_DEBIAN

https://bugs.gentoo.org/show_bug.cgi?id=497274

x_refsource_MISC

[oss-security] 20140107 Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()

mailing-list

x_refsource_MLIST

55666

third-party-advisory

x_refsource_SECUNIA

56244

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-0978

Description

Affected Products

References