23 matches found
DEBIAN-CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file...
CVE-2014-0978
Stack-based buffer overflow in the yyerror function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via a long line in a dot file...
Graphviz "yyerror()"缓冲区溢出漏洞
Graphviz是开源的多平台绘图工具。 由于"yyerror"方法lib/cgraph/scan.l中的错误,攻击者可以通过一个特制的文件触发基于堆栈的缓冲区溢出。 0 Graphviz 2.x 厂商补丁: Graphviz ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请下载使用: https://github.com/ellson/graphviz/commit/7aaddf52cd98589fb0c3ab72a393f8411838438a...