Описание
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.36.0-0ubuntu1 |
| lucid | released | 2.20.2-8ubuntu3.1 |
| precise | released | 2.26.3-10ubuntu1.1 |
| quantal | released | 2.26.3-12ubuntu1.1 |
| raring | released | 2.26.3-14ubuntu1.1 |
| saucy | released | 2.26.3-15ubuntu4.1 |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34 ...
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted file. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-0978.
EPSS
6.8 Medium
CVSS2
7.8 High
CVSS3