GLSA-200811-04

Executive Summary

Summary
Title	Graphviz: User-assisted execution of arbitrary code

Informations
Name	GLSA-200811-04	First vendor Publication	2008-11-09
Vendor	Gentoo	Last vendor Modification	2008-11-09
Severity (Vendor)	Normal	Revision	N/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:C/I:C/A:C)
Cvss Base Score	8.5	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	6.8	Authentification	Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Synopsis

A buffer overflow in Graphviz might lead to user-assisted execution of arbitrary code via a DOT file.

Background

Graphviz is an open source graph visualization software.

Description

Roee Hay reported a stack-based buffer overflow in the push_subg()
function in parser.y when processing a DOT file with a large number of Agraph_t elements.

Impact

A remote attacker could entice a user or automated system to open a specially crafted DOT file in an application using Graphviz, possibly leading to the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All Graphviz users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-gfx/graphviz-2.20.3"

References

[ 1 ] CVE-2008-4555 : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4555

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-200811-04.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-200811-04.xml

CWE : Common Weakness Enumeration

id	Name
CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

Type	Description	Count
Application	Graphviz Graphviz cpe:/a:graphviz:graphviz:2.8 cpe:/a:graphviz:graphviz:2.6 cpe:/a:graphviz:graphviz:2.4 cpe:/a:graphviz:graphviz:2.20.2 cpe:/a:graphviz:graphviz:2.20.1 cpe:/a:graphviz:graphviz:2.20.0 cpe:/a:graphviz:graphviz:2.2.2 cpe:/a:graphviz:graphviz:2.2.1.1 cpe:/a:graphviz:graphviz:2.2.1 cpe:/a:graphviz:graphviz:2.2 cpe:/a:graphviz:graphviz:2.18 cpe:/a:graphviz:graphviz:2.16 cpe:/a:graphviz:graphviz:2.14 cpe:/a:graphviz:graphviz:2.12 cpe:/a:graphviz:graphviz:2.10 cpe:/a:graphviz:graphviz:1.8.9.1 cpe:/a:graphviz:graphviz:1.8.5.2 cpe:/a:graphviz:graphviz:1.8.5.1 cpe:/a:graphviz:graphviz:1.7.5.7 cpe:/a:graphviz:graphviz:1.7.5.6 cpe:/a:graphviz:graphviz:1.7.5.5 cpe:/a:graphviz:graphviz:1.7.5.4 cpe:/a:graphviz:graphviz:1.7.5.3 cpe:/a:graphviz:graphviz:1.7.5.2 cpe:/a:graphviz:graphviz:1.7.5.1 cpe:/a:graphviz:graphviz:1.7.5_0.3 cpe:/a:graphviz:graphviz:1.7.5_0.2 cpe:/a:graphviz:graphviz:1.7.5_0.1 cpe:/a:graphviz:graphviz:1.7.16.2 cpe:/a:graphviz:graphviz:1.7.16.1 cpe:/a:graphviz:graphviz:1.5.3 cpe:/a:graphviz:graphviz:1.5.2 cpe:/a:graphviz:graphviz:1.5.1 cpe:/a:graphviz:graphviz:1.16.1 cpe:/a:graphviz:graphviz:1.14.1 cpe:/a:graphviz:graphviz:1.12.3 cpe:/a:graphviz:graphviz:1.12.2 cpe:/a:graphviz:graphviz:1.12.1 cpe:/a:graphviz:graphviz:1.10_2003-09-15_0415_2 cpe:/a:graphviz:graphviz:1.10_2003-09-15_0415_1	40

Open Source Vulnerability Database (OSVDB)

id	Description
48939	Graphviz lib/graph/parser.c push_subg Function Crafted DOT File Overflow

Type	Count
CPE ID(s)	40
osvdb(s)	1

Related	Severity
CVE-2008-4555	(High)

Same Subject	Severity
Login to view 2 more Alert(s)

GLSA-200811-04

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU