CVE-2014-9157

Published: Dec 3, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

MDVSA-2014:248

vendor-advisory

x_refsource_MANDRIVA

graphviz-format-sting(98949)

vdb-entry

x_refsource_XF

MDVSA-2015:187

vendor-advisory

x_refsource_MANDRIVA

[oss-security] 20141201 Re: Re: CVE Request: Graphviz format string vuln

mailing-list

x_refsource_MLIST

http://advisories.mageia.org/MGASA-2014-0520.html

x_refsource_CONFIRM

71283

vdb-entry

x_refsource_BID

https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081

x_refsource_CONFIRM

DSA-3098

vendor-advisory

x_refsource_DEBIAN

60166

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20141125 CVE Request: Graphviz format string vuln

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-9157

Description

Affected Products

References