Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: graphviz: stack-based buffer overflow in yyerror()
From: cve-assign () mitre org
Date: Wed, 8 Jan 2014 13:19:21 -0500 (EST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

a sprintf() which is also later removed by commit
d266bb2b4154d11c27252b56d86963aef4434750 just for safety reasons.

Use CVE-2014-1235.


chkNum:
also looks like a buffer overflow from user input; yet unfixed.
(the regex seems to accept arbitrary long digit list)

Use CVE-2014-1236.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJSzZY+AAoJEKllVAevmvmsYAsIAIGZEGcuh835WrA73b1kTMjn
R13vriO4p+2+JDJi/dBeiCAIKM/yS/HiNhNSKnzpRGtfVCIGGO0ugTNpashLcOU6
weAgRfyqEQJjla0tHkdAKALeYqOUB0bh9iWAJ/S8563ciuNR6dg0B5h8zFMaExTG
iSEWAap4FFQgcr2UjPX00mbbFkmLAfPXxU5YuBnsMnWoFHKwOvzPJws6bduqXRHb
18e8hsHD+xfTfd2sohabAkizC43rc5m4B/ByDNOWij1Gzi13vIqIaiHicHCidbtS
GFgOP1XceMgspT/8DYBnkP74SK2qDts4CHWxICwIJhZ+mpGdHkt84uPSUgArwHQ=
=a1Ys
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault