CVE-2014-1236
Published: 10 January 2014
Stack-based buffer overflow in the chkNum function in lib/cgraph/scan.l in Graphviz 2.34.0 allows remote attackers to have unspecified impact via vectors related to a "badly formed number" and a "long digit list."
Priority
Status
Package | Release | Status |
---|---|---|
graphviz Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Not vulnerable
(2.36.0-0ubuntu1)
|
|
Patches: Upstream: https://github.com/ellson/graphviz/commit/1d1bdec6318746f6f19f245db589eddc887ae8ff |