CVE-2014-1235
07.08.2017, 20:29
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| graphviz | graphviz | 2.34.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| graphviz |
| ||
| graphviz-R |
| ||
| graphviz-debuginfo |
| ||
| graphviz-devel |
| ||
| graphviz-doc |
| ||
| graphviz-gd |
| ||
| graphviz-graphs |
| ||
| graphviz-guile |
| ||
| graphviz-java |
| ||
| graphviz-lua |
| ||
| graphviz-perl |
| ||
| graphviz-php |
| ||
| graphviz-php54 |
| ||
| graphviz-python |
| ||
| graphviz-ruby |
| ||
| graphviz-tcl |
|
Common Weakness Enumeration
References