oss-sec mailing list archives
Re: CVE request: graphviz buffer overflow while parsinf DOT file
From: Tomas Hoger <thoger () redhat com>
Date: Wed, 15 Oct 2008 14:06:22 +0200
On Wed, 15 Oct 2008 13:59:29 +0200 Thomas Biege <thomas () suse de> wrote:
was a CVE-ID assigned to the following issue already?
Name: CVE-2008-4555 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4555 Final-Decision: Interim-Decision: Modified: Proposed: Assigned: 20081014 Category: Reference: BUGTRAQ:20081008 Advisory: Graphviz Buffer Overflow Code Execution Reference: URL:http://www.securityfocus.com/archive/1/archive/1/497150/100/0/threaded Reference: MISC:http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.html Reference: CONFIRM:http://bugs.gentoo.org/show_bug.cgi?id=240636 Reference: BID:31648 Reference: URL:http://www.securityfocus.com/bid/31648 Reference: SECUNIA:32186 Reference: URL:http://secunia.com/advisories/32186 Stack-based buffer overflow in the push_subg function in parser.y (lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions, allows user-assisted remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a DOT file with a large number of Agraph_t elements. -- Tomas Hoger / Red Hat Security Response Team
Current thread:
- CVE request: graphviz buffer overflow while parsinf DOT file Thomas Biege (Oct 15)
- Re: CVE request: graphviz buffer overflow while parsinf DOT file Tomas Hoger (Oct 15)