CVE-2014-1235

Priority
Description
Stack-based buffer overflow in the "yyerror" function in Graphviz 2.34.0
allows remote attackers to execute arbitrary code or cause a denial of
service (application crash) via a crafted file. NOTE: This vulnerability
exists due to an incomplete fix for CVE-2014-0978.
Notes
 mdeslaur> introduced by patch for CVE-2014-0978
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (2.36.0-0ubuntu1)
Patches:
Upstream:https://github.com/ellson/graphviz/commit/d266bb2b4154d11c27252b56d86963aef4434750
More Information

Updated: 2019-03-19 12:14:04 UTC (commit 15472795df7e9de45b82f2d36b8b419b939f97b2)