Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:31498
HistoryDec 11, 2014 - 12:00 a.m.

[USN-2435-1] Graphviz vulnerability

2014-12-1100:00:00
vulners.com
12
JSON

==========================================================================
Ubuntu Security Notice USN-2435-1
December 09, 2014

graphviz vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 14.10
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS
  • Ubuntu 10.04 LTS

Summary:

graphviz could be made to crash or run programs if it opened a specially
crafted file.

Software Description:

  • graphviz: rich set of graph drawing tools

Details:

It was discovered that graphviz incorrectly handled parsing errors. An
attacker could use this issue to cause graphviz to crash or possibly
execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.10:
graphviz 2.38.0-5ubuntu0.1

Ubuntu 14.04 LTS:
graphviz 2.36.0-0ubuntu3.1

Ubuntu 12.04 LTS:
graphviz 2.26.3-10ubuntu1.2

Ubuntu 10.04 LTS:
graphviz 2.20.2-8ubuntu3.2

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2435-1
CVE-2014-9157

Package Information:
https://launchpad.net/ubuntu/+source/graphviz/2.38.0-5ubuntu0.1
https://launchpad.net/ubuntu/+source/graphviz/2.36.0-0ubuntu3.1
https://launchpad.net/ubuntu/+source/graphviz/2.26.3-10ubuntu1.2
https://launchpad.net/ubuntu/+source/graphviz/2.20.2-8ubuntu3.2

– ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Related

openvas 9
mageia 1
nessus 13
amazon 2
securityvulns 1
fedora 3
archlinux 1
cve 1
debiancve 1
ubuntucve 1
debian 3
osv 1
prion 1
ubuntu 1
openvas
openvas
Huawei EulerOS: Security Advisory for graphviz (EulerOS-SA-2019-2355)
2020-01-23 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-488)
2015-09-08 00:00:00
Amazon Linux: Security Advisory (ALAS-2015-487)
2015-09-08 00:00:00
mageia
mageia
Updated graphviz packages fix CVE-2014-9157
2014-12-09 23:12:41
nessus
nessus
Mandriva Linux Security Advisory : graphviz (MDVSA-2014:248)
2014-12-15 00:00:00
Fedora 21 : graphviz-2.38.0-11.fc21 (2014-15760)
2014-12-07 00:00:00
Amazon Linux AMI : graphviz-php (ALAS-2015-488)
2015-03-09 00:00:00
amazon
amazon
Medium: graphviz-php
2015-03-04 15:53:00
Medium: graphviz
2015-03-04 15:53:00
securityvulns
securityvulns
graphviz memory corruption
2014-12-11 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: graphviz-2.38.0-11.fc21
2014-12-06 10:32:41
[SECURITY] Fedora 20 Update: graphviz-2.34.0-10.fc20
2014-12-06 02:28:42
[SECURITY] Fedora 19 Update: graphviz-2.30.1-13.fc19
2014-12-07 04:40:43
archlinux
archlinux
graphviz: format string vulnerability
2014-12-03 00:00:00
cve
cve
CVE-2014-9157
2014-12-03 21:59:00
debiancve
debiancve
CVE-2014-9157
2014-12-03 21:59:00
ubuntucve
ubuntucve
CVE-2014-9157
2014-12-03 00:00:00
debian
debian
[SECURITY] [DLA 105-1] graphviz security update
2014-12-11 21:33:48
[SECURITY] [DSA 3098-1] graphviz security update
2014-12-11 16:26:06
[SECURITY] [DSA 3098-1] graphviz security update
2014-12-11 16:26:06
osv
osv
graphviz - security update
2014-12-11 00:00:00
prion
prion
Format string
2014-12-03 21:59:00
ubuntu
ubuntu
Graphviz vulnerability
2014-12-09 00:00:00
JSON
Related for SECURITYVULNS:DOC:31498
openvas9mageia1nessus13amazon2securityvulns1fedora3archlinux1cve1debiancve1ubuntucve1debian3osv1prion1ubuntu1