Re: [FD] Buffer Overflow in graphviz via via a crafted config6a file

2024-02-20 Thread Matthew Fernandez
On 1/27/24 10:15, Matthew Fernandez wrote: On 1/20/24 15:07, Meng Ruijie wrote: [Vulnerability description] Buffer Overflow vulnerability in graphviz v.2.43.0 allows a remote attacker to execute arbitrary code via a crafted config6a file. [Vulnerability Type] Buffer Overflow More speci

Re: [FD] Buffer Overflow in graphviz via via a crafted config6a file

2024-01-27 Thread Matthew Fernandez
On 1/20/24 15:07, Meng Ruijie wrote: [Vulnerability description] Buffer Overflow vulnerability in graphviz v.2.43.0 allows a remote attacker to execute arbitrary code via a crafted config6a file. [Vulnerability Type] Buffer Overflow More specifically, this issue is an out-of-bounds read.

[FD] Buffer Overflow in graphviz via via a crafted config6a file

2024-01-26 Thread Meng Ruijie
[Vulnerability description] Buffer Overflow vulnerability in graphviz v.2.43.0 allows a remote attacker to execute arbitrary code via a crafted config6a file. [Vulnerability Type] Buffer Overflow [Vendor of Product] graphviz [Affected Product Code Base] graphviz - 2.43.0 [Reference] https://gi