1
Candidate: CVE-2008-4555
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4555
6
Stack-based buffer overflow in the push_subg function in parser.y
7
(lib/graph/parser.c) in Graphviz 2.20.2, and possibly earlier versions,
8
allows user-assisted remote attackers to cause a denial of service (memory
9
corruption) or execute arbitrary code via a DOT file with a large number of
13
kees> http://roeehay.blogspot.com/2008/10/graphviz-buffer-overflow-code-execution.html
15
https://launchpad.net/bugs/532060
21
upstream_graphviz: released (2.20.3)
22
dapper_graphviz: ignored (reached end-of-life)
23
gutsy_graphviz: needed (reached end-of-life)
24
hardy_graphviz: ignored (reached end-of-life)
25
intrepid_graphviz: needed (reached end-of-life)
26
jaunty_graphviz: not-affected
27
karmic_graphviz: not-affected
28
lucid_graphviz: not-affected
29
maverick_graphviz: not-affected
30
natty_graphviz: not-affected
31
oneiric_graphviz: not-affected
32
precise_graphviz: not-affected
33
quantal_graphviz: not-affected
34
raring_graphviz: not-affected
35
devel_graphviz: not-affected