Home page logo

oss-sec logo oss-sec mailing list archives

CVE Request: graphviz: stack-based buffer overflow in yyerror()
From: Ratul Gupta <ratulg () redhat com>
Date: Tue, 07 Jan 2014 12:52:19 +0530


Graphviz, a collection of tools for the manipulation and layout of graphs, was recently reported to be affected by a buffer overflow vulnerability.

The vulnerability is caused due to an error within the "yyerror()" function (lib/cgraph/scan.l) and can be exploited to cause a stack-based buffer overflow via a specially crafted file.

Can a CVE please be assigned to this issue?



Ratul Gupta / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]