|
|
Subscribe / Log in / New account

graphviz: stack-based buffer overflow

Package(s):graphviz CVE #(s):CVE-2008-4555
Created:October 31, 2008 Updated:December 7, 2009
Description: From the CVE entry: Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements.
Alerts:
Mandriva MDVSA-2009:254-1 graphviz 2009-12-05
Mandriva MDVSA-2009:254 graphviz 2009-10-01
Gentoo 200811-04 graphviz 2008-11-09
SuSE SUSE-SR:2008:023 graphviz, libexiv2, exiv2, tomcat5, apache-jakarta-tomcat-connectors, libgadu, opera 2008-10-31
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds