Gentoo Linux Security Advisory 201702-6 - Multiple vulnerabilities have been found in Graphviz and the extent of these vulnerabilities are unspecified. Versions less than 2.36.0 are affected.
6d526b3a704b696a9016a681dd53bf7c56c7694bfdc8266a8dee795262b2905cMandriva Linux Security Advisory 2014-024 - Multiple buffer overflow vulnerabilities in graphviz due to an error within the yyerror() function (lib/cgraph/scan.l) which can be exploited to cause a stack-based buffer overflow via a specially crafted file.and the acceptance of an arbitrarily long digit list by a regular expression matched against user input. A build problem was discovered and fixed in swig while building graphviz for Business Server 1, related to the new php-5.5.x version as of the MDVSA-2014:014 advisory. Fixed swig packages is being provided with this advisory as well.
6996dd421efa9117f4b483fc6c479c51d2d2854a243ed739ddb0e740fc9be9d1Ubuntu Security Notice 2083-1 - It was discovered that Graphviz incorrectly handled memory in the yyerror function. If a user were tricked into opening a specially crafted dot file, an attacker could cause Graphviz to crash, or possibly execute arbitrary code. It was discovered that Graphviz incorrectly handled memory in the chkNum function. If a user were tricked into opening a specially crafted dot file, an attacker could cause Graphviz to crash, or possibly execute arbitrary code. Various other issues were also addressed.
25439a91952048a0b2275a1f124b3b5aa430718a373e261797e5b2b191ca184cDebian Linux Security Advisory 2843-1 - Two buffer overflow vulnerabilities were reported in Graphviz, a rich collection of graph drawing tools. following issues.
4ee21194e5b636cd1295e38dd07817187c639053d4eb21031ae55859f4719c85
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed