CVE-2014-9157
03.12.2014, 21:59
Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
| graphviz | graphviz | 𝑥 < 2.42.4 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Amazon Linux Releases
Amazon Package | |||
|---|---|---|---|
| graphviz |
| ||
| graphviz-R |
| ||
| graphviz-debuginfo |
| ||
| graphviz-devel |
| ||
| graphviz-doc |
| ||
| graphviz-gd |
| ||
| graphviz-graphs |
| ||
| graphviz-guile |
| ||
| graphviz-java |
| ||
| graphviz-lua |
| ||
| graphviz-perl |
| ||
| graphviz-php |
| ||
| graphviz-php54 |
| ||
| graphviz-python |
| ||
| graphviz-ruby |
| ||
| graphviz-tcl |
|
Common Weakness Enumeration
References