Format string vulnerability in the yyerror function in lib/cgraph/scan.l in Graphviz allows remote attackers to have unspecified impact via format string specifiers in unknown vectors, which are not properly handled in an error string.
http://advisories.mageia.org/MGASA-2014-0520.html
http://seclists.org/oss-sec/2014/q4/784
http://seclists.org/oss-sec/2014/q4/872
http://secunia.com/advisories/60166
http://www.debian.org/security/2014/dsa-3098
http://www.mandriva.com/security/advisories?name=MDVSA-2014:248
http://www.mandriva.com/security/advisories?name=MDVSA-2015:187
http://www.securityfocus.com/bid/71283
https://exchange.xforce.ibmcloud.com/vulnerabilities/98949
https://github.com/ellson/graphviz/commit/99eda421f7ddc27b14e4ac1d2126e5fe41719081
OR
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
132127 | EulerOS 2.0 SP3 : graphviz (EulerOS-SA-2019-2592) | Nessus | Huawei Local Security Checks | high |
131847 | EulerOS 2.0 SP2 : graphviz (EulerOS-SA-2019-2355) | Nessus | Huawei Local Security Checks | high |
105231 | openSUSE Security Update : graphviz (openSUSE-2017-1341) | Nessus | SuSE Local Security Checks | high |
82558 | Mandriva Linux Security Advisory : graphviz (MDVSA-2015:187) | Nessus | Mandriva Local Security Checks | high |
82089 | Debian DLA-105-1 : graphviz security update | Nessus | Debian Local Security Checks | high |
81676 | Amazon Linux AMI : graphviz-php (ALAS-2015-488) | Nessus | Amazon Linux Local Security Checks | high |
81675 | Amazon Linux AMI : graphviz (ALAS-2015-487) | Nessus | Amazon Linux Local Security Checks | high |
79993 | Mandriva Linux Security Advisory : graphviz (MDVSA-2014:248) | Nessus | Mandriva Local Security Checks | high |
79885 | Debian DSA-3098-1 : graphviz - security update | Nessus | Debian Local Security Checks | high |
79825 | Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : graphviz vulnerability (USN-2435-1) | Nessus | Ubuntu Local Security Checks | high |
79784 | Fedora 19 : graphviz-2.30.1-13.fc19 (2014-15811) | Nessus | Fedora Local Security Checks | high |
79782 | Fedora 21 : graphviz-2.38.0-11.fc21 (2014-15760) | Nessus | Fedora Local Security Checks | high |
79750 | Fedora 20 : graphviz-2.34.0-10.fc20 (2014-15812) | Nessus | Fedora Local Security Checks | high |