20 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-0978
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line i...
RHEL 6 : graphviz (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - graphviz: stack-based buffer overflow in chkNum CVE-2014-1236 - graphviz: recursive function call in...
SUSE CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file...
Stack overflow
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978...
Amazon Linux: Security Advisory (ALAS-2014-297)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : graphviz (ALAS-2014-296)
Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a 'badly formed number' and a 'long digit list.' Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphvi...
Medium: graphviz-php
Issue Overview: Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list." Stack-based buffer overflow in the yyerror function in...
Medium: graphviz
Issue Overview: Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. Affected Packages: graphviz Issue Correction: Run yum update graphviz or yum update --advisory ALAS-2014-28...
Medium: graphviz-php
Issue Overview: Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file. Affected Packages: graphviz-php Issue Correction: Run yum update graphviz-php or yum update --advisory...
Ubuntu: Security Advisory (USN-2083-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 / 13.10 : graphviz vulnerabilities (USN-2083-1)
It was discovered that Graphviz incorrectly handled memory in the yyerror function. If a user were tricked into opening a specially crafted dot file, an attacker could cause Graphviz to crash, or possibly execute arbitrary code. CVE-2014-0978, CVE-2014-1235 It was discovered that Graphviz...
[SECURITY] [DSA 2843-1] graphviz security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2843-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 13, 2014 http://www.debian.org/security/faq -...
Debian DSA-2843-1 : graphviz - buffer overflow
Two buffer overflow vulnerabilities were reported in Graphviz, a rich collection of graph drawing tools. The Common Vulnerabilities and Exposures project identifies the following issues : - CVE-2014-0978 It was discovered that user-supplied input used in the yyerror function in lib/cgraph/scan.l ...
[SECURITY] [DSA 2843-1] graphviz security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2843-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 13, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2843-1] graphviz security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2843-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso January 13, 2014 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2843-1 (graphviz - buffer overflow)
Two buffer overflow vulnerabilities were reported in Graphviz, a rich collection of graph drawing tools. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2014-0978 It was discovered that user-supplied input used in the yyerror function in lib/cgraph/scan.l is...
CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file...
CVE-2014-0978
CVE-2014-0978 is a stack-based buffer overflow in Graphviz 2.34.0, affecting the yyerror function in lib/cgraph/scan.l. A crafted dot file with a long line can trigger remote code execution or crash (as described in the CVE entry and corroborated by multiple advisories). Public disclosures across...
CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file...
CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file...